| 0 |
| url |
VCID-2fr3-kytt-h7ff |
| vulnerability_id |
VCID-2fr3-kytt-h7ff |
| summary |
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5579
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2fr3-kytt-h7ff |
|
| 1 |
| url |
VCID-7gnm-n9bc-n7at |
| vulnerability_id |
VCID-7gnm-n9bc-n7at |
| summary |
Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5552
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7gnm-n9bc-n7at |
|
| 2 |
| url |
VCID-95d6-n1v7-y7cd |
| vulnerability_id |
VCID-95d6-n1v7-y7cd |
| summary |
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5898
|
| risk_score |
1.8 |
| exploitability |
0.5 |
| weighted_severity |
3.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-95d6-n1v7-y7cd |
|
| 3 |
| url |
VCID-9c12-abdp-17ea |
| vulnerability_id |
VCID-9c12-abdp-17ea |
| summary |
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2016-9105
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9c12-abdp-17ea |
|
| 4 |
| url |
VCID-bk24-wqs5-5fcv |
| vulnerability_id |
VCID-bk24-wqs5-5fcv |
| summary |
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-2615, XSA-208
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bk24-wqs5-5fcv |
|
| 5 |
| url |
VCID-bkd3-4xyx-4yeh |
| vulnerability_id |
VCID-bkd3-4xyx-4yeh |
| summary |
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2016-10155
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bkd3-4xyx-4yeh |
|
| 6 |
| url |
VCID-dne4-8bum-yfdj |
| vulnerability_id |
VCID-dne4-8bum-yfdj |
| summary |
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2016-9106
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dne4-8bum-yfdj |
|
| 7 |
| url |
VCID-f9z4-jw8g-d7c8 |
| vulnerability_id |
VCID-f9z4-jw8g-d7c8 |
| summary |
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2016-9102
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-f9z4-jw8g-d7c8 |
|
| 8 |
| url |
VCID-mqwn-6vh8-jbc7 |
| vulnerability_id |
VCID-mqwn-6vh8-jbc7 |
| summary |
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-6505
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mqwn-6vh8-jbc7 |
|
| 9 |
| url |
VCID-p24x-d6qs-77a5 |
| vulnerability_id |
VCID-p24x-d6qs-77a5 |
| summary |
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5525
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p24x-d6qs-77a5 |
|
| 10 |
| url |
VCID-ph34-yup5-z7a4 |
| vulnerability_id |
VCID-ph34-yup5-z7a4 |
| summary |
Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5931
|
| risk_score |
1.8 |
| exploitability |
0.5 |
| weighted_severity |
3.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ph34-yup5-z7a4 |
|
| 11 |
| url |
VCID-pu4q-r2h5-cuaa |
| vulnerability_id |
VCID-pu4q-r2h5-cuaa |
| summary |
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5667
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pu4q-r2h5-cuaa |
|
| 12 |
| url |
VCID-q7dy-tk74-3kby |
| vulnerability_id |
VCID-q7dy-tk74-3kby |
| summary |
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5856
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-q7dy-tk74-3kby |
|
| 13 |
| url |
VCID-qegh-vk15-zbbu |
| vulnerability_id |
VCID-qegh-vk15-zbbu |
| summary |
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2016-9104
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qegh-vk15-zbbu |
|
| 14 |
| url |
VCID-sqzp-srfh-nqbd |
| vulnerability_id |
VCID-sqzp-srfh-nqbd |
| summary |
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5857
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sqzp-srfh-nqbd |
|
| 15 |
| url |
VCID-ur84-4qah-6ued |
| vulnerability_id |
VCID-ur84-4qah-6ued |
| summary |
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. |
| references |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-2620, XSA-209
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ur84-4qah-6ued |
|
| 16 |
| url |
VCID-y82e-cyrq-t7d6 |
| vulnerability_id |
VCID-y82e-cyrq-t7d6 |
| summary |
Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands. |
| references |
|
| fixed_packages |
|
| aliases |
CVE-2017-5578
|
| risk_score |
1.4 |
| exploitability |
0.5 |
| weighted_severity |
2.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-y82e-cyrq-t7d6 |
|