Several security issues were fixed in QEMU ...
USN-3575-1 introduced a regression in QEMU ...
Multiple vulnerabilities were found in qemu, a fast processor emulator:
CVE-2017-9375
Denial of service via memory leak in USB XHCI emulation
CVE-2017-12809
Denial of service in the CDROM device drive emulation
CVE-2017-13672
Denial of service in VGA display emulation
CVE-2017-13711
Denial of service in SLIRP networking support ...
Synopsis
Low: qemu-kvm security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Important: qemu-kvm-rhev security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton), Red Hat OpenStack Platform 110 (Ocata), Red Hat OpenStack Platform 120 (Pike), Red Hat OpenStack Platform ...
Synopsis
Important: qemu-kvm security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Debian Bug report logs -
#873849
qemu: CVE-2017-12809
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 31 Aug 2017 17:21:01 UTC
Severity: important
Tags: patch, security, upstream
Found in version ...
Debian Bug report logs -
#864219
qemu: CVE-2017-9375: usb: xhci infinite recursive call via xhci_kick_ep
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 5 Jun 2017 11:48:01 UTC
Severity: serious
...
Debian Bug report logs -
#873851
qemu: CVE-2017-13672: vga: OOB read access during display update
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 31 Aug 2017 17:24:04 UTC
Severity: important
Tags: ...
Debian Bug report logs -
#865754
qemu: CVE-2017-9503: megasas: null pointer dereference while processing megasas command
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 24 Jun 2017 14:09:02 UTC
Se ...
Debian Bug report logs -
#877890
qemu: CVE-2017-15038: 9p: virtfs: information disclosure when reading extended attributes
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 6 Oct 2017 18:36:02 UTC
...
Debian Bug report logs -
#874606
qemu: CVE-2017-14167: i386: multiboot OOB access while loading guest kernel image
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Sep 2017 20:45:01 UTC
Severity ...
Debian Bug report logs -
#873875
qemu: CVE-2017-13711: Slirp: use-after-free when sending response
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 31 Aug 2017 19:42:02 UTC
Severity: normal
Tags: s ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation(CVE-2017-13672)
A memory leakage ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation(CVE-2017-13672)
A memory leakage ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation ...