Multiple vulnerabilities were found in qemu, a fast processor
emulator:
CVE-2017-9310
Denial of service via infinite loop in e1000e NIC emulation
CVE-2017-9330
Denial of service via infinite loop in USB OHCI emulation
CVE-2017-9373
Denial of service via memory leak in IDE AHCI emulation
CVE-2017-9374
Denial of service via memory ...
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks
CVE-2014-9940
A use-after-free flaw in the voltage and current regulator driver
could allow a local user to cause a denial of service or potentially
escalate privileges
CVE-2017-7346
Li ...
Debian Bug report logs -
#864568
qemu: CVE-2017-9374: usb: ehci host memory leakage during hotunplug
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 10 Jun 2017 19:27:01 UTC
Severity: serious
Tags ...
Debian Bug report logs -
#864219
qemu: CVE-2017-9375: usb: xhci infinite recursive call via xhci_kick_ep
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 5 Jun 2017 11:48:01 UTC
Severity: serious
...
Debian Bug report logs -
#867751
qemu: CVE-2017-10806: usb-redirect: stack buffer overflow in debug logging
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 9 Jul 2017 08:18:10 UTC
Severity: minor ...
Debian Bug report logs -
#865754
qemu: CVE-2017-9503: megasas: null pointer dereference while processing megasas command
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 24 Jun 2017 14:09:02 UTC
Se ...
Debian Bug report logs -
#869706
qemu: CVE-2017-10911
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 25 Jul 2017 19:48:02 UTC
Severity: serious
Tags: security, upstream
Found in version qemu/1:2 ...
Debian Bug report logs -
#864216
qemu: CVE-2017-9373 ide: ahci host memory leakage during hotunplug
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 5 Jun 2017 11:42:05 UTC
Severity: serious
Tags: ...
Debian Bug report logs -
#866674
qemu: CVE-2017-10664: qemu-nbd: server breaks with SIGPIPE upon client abort
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 30 Jun 2017 19:03:01 UTC
Severity: ser ...
Debian Bug report logs -
#863840
qemu: CVE-2017-9310: net: infinite loop in e1000e NIC emulation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 31 May 2017 20:21:02 UTC
Severity: serious
Tags: fi ...
Debian Bug report logs -
#863943
qemu: CVE-2017-9330: usb: ohci: infinite loop due to incorrect return value
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 2 Jun 2017 06:21:01 UTC
Severity: seri ...
Debian Bug report logs -
#869171
qemu: CVE-2017-11434: slirp: out-of-bounds read while parsing dhcp options
Package:
qemu;
Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon)
Reported by: Guido Günther <agx@sigxcpuorg>
Date: Fri, 21 Jul ...
Debian Bug report logs -
#865755
qemu: CVE-2017-9524: nbd: segmentation fault due to client non-negotiation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 24 Jun 2017 14:21:01 UTC
Severity: serio ...
Debian Bug report logs -
#869173
qemu: CVE-2017-11334: exec: oob access during dma operation
Package:
qemu;
Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon)
Reported by: Guido Günther <agx@sigxcpuorg>
Date: Fri, 21 Jul 2017 09:33:02 ...
The make_response function in drivers/block/xen-blkback/blkbackc in the Linux kernel before 4118 allows guest OS users to obtain sensitive information from host OS (or other guest OS) kernel memory by leveraging the copying of uninitialized padding fields in Xen block-interface response structures, aka XSA-216 ...
Several security issues were fixed in QEMU ...
USN-3414-1 introduced a regression in QEMU ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Several security issues were fixed in the Linux kernel ...
Description of Problem A number of security issues have been identified within Citrix XenServer These issues could, if exploited, allow a malicious administrator of a guest VM to compromise the host The issues have the identifiers: CVE-2017-10920, CVE-2017-10921 and CVE-2017-10922 (High): Grant table operations mishandle reference counts C ...