MEDIUM5.0
Уязвимость в qemu-nbd эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P
Серьёзность:
Закрытые проблемы (10)
MEDIUM5.0
Уязвимость сервера Qemu-NBD эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:PСсылки
LOW3.7
Уязвимость эмулятора аппаратного обеспечения QEMU, связанная с разыменованием нулевого указателя, позволяющая нарушителю вызвать отказ в обслуживании
CVSS 3.xНИЗКАЯ 3.7
CVSS:3.x/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:LCVSS 2.0НИЗКАЯ 1.9
CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:PСсылки
HIGH7.5
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:PCVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HСсылки
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/29/1
- http://www.securityfocus.com/bid/99513
- https://access.redhat.com/errata/RHSA-2017:2390
- https://access.redhat.com/errata/RHSA-2017:2445
- https://access.redhat.com/errata/RHSA-2017:3466
- https://access.redhat.com/errata/RHSA-2017:3470
- https://access.redhat.com/errata/RHSA-2017:3471
- https://access.redhat.com/errata/RHSA-2017:3472
- https://access.redhat.com/errata/RHSA-2017:3473
- https://access.redhat.com/errata/RHSA-2017:3474
- https://bugzilla.redhat.com/show_bug.cgi?id=1466190
- https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html
- http://www.debian.org/security/2017/dsa-3920
- http://www.openwall.com/lists/oss-security/2017/06/29/1
- http://www.securityfocus.com/bid/99513
- https://access.redhat.com/errata/RHSA-2017:2390
- https://access.redhat.com/errata/RHSA-2017:2445
- https://access.redhat.com/errata/RHSA-2017:3466
- https://access.redhat.com/errata/RHSA-2017:3470
- https://access.redhat.com/errata/RHSA-2017:3471
- https://access.redhat.com/errata/RHSA-2017:3472
- https://access.redhat.com/errata/RHSA-2017:3473
- https://access.redhat.com/errata/RHSA-2017:3474
- https://bugzilla.redhat.com/show_bug.cgi?id=1466190
- https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02693.html
MEDIUM5.5
Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.
CVSS 2.0НИЗКАЯ 2.1
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 5.5
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HСсылки
- http://www.debian.org/security/2017/dsa-3925
- http://www.openwall.com/lists/oss-security/2017/07/07/1
- http://www.securityfocus.com/bid/99475
- https://bugzilla.redhat.com/show_bug.cgi?id=1468496
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.nongnu.org/archive/html/qemu-devel/2017-05/msg03087.html
- http://www.debian.org/security/2017/dsa-3925
- http://www.openwall.com/lists/oss-security/2017/07/07/1
- http://www.securityfocus.com/bid/99475
- https://bugzilla.redhat.com/show_bug.cgi?id=1468496
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.nongnu.org/archive/html/qemu-devel/2017-05/msg03087.html
MEDIUM4.4
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.
CVSS 2.0НИЗКАЯ 2.1
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 4.4
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HСсылки
- http://www.debian.org/security/2017/dsa-3925
- http://www.openwall.com/lists/oss-security/2017/07/17/4
- http://www.securityfocus.com/bid/99895
- https://access.redhat.com/errata/RHSA-2017:3369
- https://access.redhat.com/errata/RHSA-2017:3466
- https://access.redhat.com/errata/RHSA-2017:3470
- https://access.redhat.com/errata/RHSA-2017:3471
- https://access.redhat.com/errata/RHSA-2017:3472
- https://access.redhat.com/errata/RHSA-2017:3473
- https://access.redhat.com/errata/RHSA-2017:3474
- https://bugzilla.redhat.com/show_bug.cgi?id=1471638
- https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
- https://usn.ubuntu.com/3575-1/
- http://www.debian.org/security/2017/dsa-3925
- http://www.openwall.com/lists/oss-security/2017/07/17/4
- http://www.securityfocus.com/bid/99895
- https://access.redhat.com/errata/RHSA-2017:3369
- https://access.redhat.com/errata/RHSA-2017:3466
- https://access.redhat.com/errata/RHSA-2017:3470
- https://access.redhat.com/errata/RHSA-2017:3471
- https://access.redhat.com/errata/RHSA-2017:3472
- https://access.redhat.com/errata/RHSA-2017:3473
- https://access.redhat.com/errata/RHSA-2017:3474
- https://bugzilla.redhat.com/show_bug.cgi?id=1471638
- https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg03775.html
- https://usn.ubuntu.com/3575-1/
MEDIUM5.5
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string.
CVSS 2.0НИЗКАЯ 2.1
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 5.5
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HСсылки
- http://www.debian.org/security/2017/dsa-3925
- http://www.openwall.com/lists/oss-security/2017/07/19/2
- http://www.securityfocus.com/bid/99923
- https://bugzilla.redhat.com/show_bug.cgi?id=1472611
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html
- http://www.debian.org/security/2017/dsa-3925
- http://www.openwall.com/lists/oss-security/2017/07/19/2
- http://www.securityfocus.com/bid/99923
- https://bugzilla.redhat.com/show_bug.cgi?id=1472611
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html
HIGH7.5
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:PCVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HСсылки
- http://www.openwall.com/lists/oss-security/2017/07/21/4
- http://www.securityfocus.com/bid/99944
- https://access.redhat.com/errata/RHSA-2017:2628
- https://access.redhat.com/errata/RHSA-2017:3466
- https://access.redhat.com/errata/RHSA-2017:3470
- https://access.redhat.com/errata/RHSA-2017:3471
- https://access.redhat.com/errata/RHSA-2017:3472
- https://access.redhat.com/errata/RHSA-2017:3473
- https://access.redhat.com/errata/RHSA-2017:3474
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7539
- https://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=2b0bbc4f8809c972bad134bc1a2570dbb01dea0b
- https://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=ff82911cd3f69f028f2537825c9720ff78bc3f19
- http://www.openwall.com/lists/oss-security/2017/07/21/4
- http://www.securityfocus.com/bid/99944
- https://access.redhat.com/errata/RHSA-2017:2628
- https://access.redhat.com/errata/RHSA-2017:3466
- https://access.redhat.com/errata/RHSA-2017:3470
- https://access.redhat.com/errata/RHSA-2017:3471
- https://access.redhat.com/errata/RHSA-2017:3472
- https://access.redhat.com/errata/RHSA-2017:3473
- https://access.redhat.com/errata/RHSA-2017:3474
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7539
- https://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=2b0bbc4f8809c972bad134bc1a2570dbb01dea0b
- https://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=ff82911cd3f69f028f2537825c9720ff78bc3f19
MEDIUM5.5
QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing.
CVSS 2.0НИЗКАЯ 1.9
CVSS:2.0/AV:L/AC:M/Au:N/C:N/I:N/A:PCVSS 3.xСРЕДНЯЯ 5.5
CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HСсылки
- http://www.openwall.com/lists/oss-security/2017/06/08/1
- http://www.securityfocus.com/bid/99010
- https://bugzilla.redhat.com/show_bug.cgi?id=1459477
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html
- http://www.openwall.com/lists/oss-security/2017/06/08/1
- http://www.securityfocus.com/bid/99010
- https://bugzilla.redhat.com/show_bug.cgi?id=1459477
- https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
- https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html
HIGH7.5
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
CVSS 2.0СРЕДНЯЯ 5.0
CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:PCVSS 3.xВЫСОКАЯ 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HСсылки
- http://www.debian.org/security/2017/dsa-3925
- http://www.openwall.com/lists/oss-security/2017/06/12/1
- http://www.securityfocus.com/bid/99011
- https://access.redhat.com/errata/RHSA-2017:1681
- https://access.redhat.com/errata/RHSA-2017:1682
- https://access.redhat.com/errata/RHSA-2017:2408
- https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg06240.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02321.html
- http://www.debian.org/security/2017/dsa-3925
- http://www.openwall.com/lists/oss-security/2017/06/12/1
- http://www.securityfocus.com/bid/99011
- https://access.redhat.com/errata/RHSA-2017:1681
- https://access.redhat.com/errata/RHSA-2017:1682
- https://access.redhat.com/errata/RHSA-2017:2408
- https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg06240.html
- https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02321.html