Synopsis
Low: qemu-kvm security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Important: qemu-kvm-rhev security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton), Red Hat OpenStack Platform 110 (Ocata), Red Hat OpenStack Platform 120 (Pike), Red Hat OpenStack Platform ...
Multiple vulnerabilities were found in qemu, a fast processor emulator:
CVE-2017-9375
Denial of service via memory leak in USB XHCI emulation
CVE-2017-12809
Denial of service in the CDROM device drive emulation
CVE-2017-13672
Denial of service in VGA display emulation
CVE-2017-13711
Denial of service in SLIRP networking support ...
Debian Bug report logs -
#873849
qemu: CVE-2017-12809
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 31 Aug 2017 17:21:01 UTC
Severity: important
Tags: patch, security, upstream
Found in version ...
Debian Bug report logs -
#864219
qemu: CVE-2017-9375: usb: xhci infinite recursive call via xhci_kick_ep
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 5 Jun 2017 11:48:01 UTC
Severity: serious
...
Debian Bug report logs -
#873851
qemu: CVE-2017-13672: vga: OOB read access during display update
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 31 Aug 2017 17:24:04 UTC
Severity: important
Tags: ...
Debian Bug report logs -
#865754
qemu: CVE-2017-9503: megasas: null pointer dereference while processing megasas command
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 24 Jun 2017 14:09:02 UTC
Se ...
Debian Bug report logs -
#877890
qemu: CVE-2017-15038: 9p: virtfs: information disclosure when reading extended attributes
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 6 Oct 2017 18:36:02 UTC
...
Debian Bug report logs -
#874606
qemu: CVE-2017-14167: i386: multiboot OOB access while loading guest kernel image
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 7 Sep 2017 20:45:01 UTC
Severity ...
Debian Bug report logs -
#873875
qemu: CVE-2017-13711: Slirp: use-after-free when sending response
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 31 Aug 2017 19:42:02 UTC
Severity: normal
Tags: s ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation(CVE-2017-13672)
A memory leakage ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation(CVE-2017-13672)
A memory leakage ...
Vulmon