ALT-PU-2017-1421-1

BDU:2017-00646

MEDIUM4.9

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-00647

MEDIUM4.9

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-00648

MEDIUM4.9

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-00649

MEDIUM4.9

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-00650

MEDIUM4.9

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-00651

LOW2.1

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

References

BDU:2017-00652

MEDIUM4.9

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-00653

MEDIUM4.9

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

References

BDU:2017-00654

LOW2.1

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Published: 2017-03-23Modified: 2021-03-23

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

References

BDU:2017-00773

LOW2.1

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2017-04-06Modified: 2021-03-23

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

References

CVE-2017-5525

MEDIUM6.5

Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Published: 2017-03-15Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2017-5526

MEDIUM6.5

Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Published: 2017-03-15Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2017-5552

MEDIUM6.5

Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

Published: 2017-03-15Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2017-5578

MEDIUM6.5

Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

Published: 2017-03-15Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2017-5579

MEDIUM6.5

Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Published: 2017-03-15Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2017-5667

MEDIUM6.5

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

Published: 2017-03-16Modified: 2025-04-20

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2017-5856

MEDIUM6.5

Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.

Published: 2017-03-16Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2017-5857

MEDIUM6.5

Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.

Published: 2017-03-16Modified: 2025-04-20

CVSS 2.0MEDIUM 4.9

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

CVE-2017-5898

MEDIUM5.5

Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.

Published: 2017-03-15Modified: 2025-04-20

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2017-5973

MEDIUM5.5

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

Published: 2017-03-27Modified: 2025-04-20

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2017-5987

MEDIUM5.5

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.

Published: 2017-03-20Modified: 2025-04-20

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

CVE-2017-6505

MEDIUM6.5

The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.

Published: 2017-03-15Modified: 2025-04-20

CVSS 2.0LOW 2.1

CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 6.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References

Package update qemu in branch c7

Closed issues (22)

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании

Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.

Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.

The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.