Several security issues were fixed in QEMU ...
USN-3575-1 introduced a regression in QEMU ...
Synopsis
Low: qemu-kvm security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Important: qemu-kvm-rhev security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton), Red Hat OpenStack Platform 110 (Ocata), Red Hat OpenStack Platform 120 (Pike), Red Hat OpenStack Platform ...
Several vulnerabilities were discovered in qemu, a fast processor
emulator
CVE-2017-15038
Tuomas Tynkkynen discovered an information leak in 9pfs
CVE-2017-15119
Eric Blake discovered that the NBD server insufficiently restricts
large option requests, resulting in denial of service
CVE-2017-15124
Daniel Berrange discovered that t ...
Debian Bug report logs -
#883406
qemu: CVE-2017-15118: stack buffer overflow in NBD server triggered via long export name
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 3 Dec 2017 16:36:01 UTC
S ...
Debian Bug report logs -
#880836
qemu: CVE-2017-15268: I/O: potential memory exhaustion via websock connection to VNC
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 4 Nov 2017 23:21:02 UTC
Sever ...
Debian Bug report logs -
#883625
qemu: CVE-2017-17381: virtio: divide by zero exception while updating rings
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 5 Dec 2017 21:15:01 UTC
Severity: norm ...
Debian Bug report logs -
#880832
qemu: CVE-2017-15289: cirrus: OOB access issue in mode4and5 write functions
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 4 Nov 2017 23:06:01 UTC
Severity: impo ...
Debian Bug report logs -
#883399
qemu: CVE-2017-15119: DoS via large option request
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 3 Dec 2017 15:51:01 UTC
Severity: normal
Tags: security, upstre ...
Debian Bug report logs -
#886532
Coming updates for meltdown/spectre
Package:
qemu;
Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon)
Reported by: Nigel Kukard <nkukard@lbsdnet>
Date: Sun, 7 Jan 2018 12:15:02 UTC
Severity: grave
Fo ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation(CVE-2017-13672)
A memory leakage ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation(CVE-2017-13672)
A memory leakage ...
Vulmon