Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pktc in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and QEMU process crash) via vectors related to VLAN stripping ...
Debian Bug report logs -
#856969
qemu: CVE-2017-6505: infinite loop issue in ohci_service_ed_list
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 6 Mar 2017 18:51:01 UTC
Severity: normal
Tags: pa ...
Debian Bug report logs -
#859854
qemu: CVE-2017-7377
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 7 Apr 2017 19:48:02 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstream
F ...
Debian Bug report logs -
#857744
qemu: CVE-2016-9603: cirrus: heap buffer overflow via vnc connection
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 14 Mar 2017 16:15:01 UTC
Severity: grave
Tags: ...
Debian Bug report logs -
#855616
qemu: CVE-2017-6058: net: vmxnet3: OOB NetRxPkt::ehdr_buf access when doing vlan stripping
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 20 Feb 2017 19:51:01 UTC
...
Debian Bug report logs -
#854731
qemu: CVE-2017-2615
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:45:02 UTC
Severity: important
Tags: fixed-upstream, security, upstream
Found in vers ...
Debian Bug report logs -
#854730
CVE-2017-5931
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:42:04 UTC
Severity: important
Tags: security
Fixed in version qemu/1:28+dfsg-3
Done: Mic ...
Debian Bug report logs -
#855227
qemu: CVE-2017-2630: nbd: oob stack write in client routine drop_sync
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 15 Feb 2017 18:21:01 UTC
Severity: grave
Tags ...
Debian Bug report logs -
#840950
qemu: CVE-2016-8667: dma: rc4030 divide by zero error in set_next_tick
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 16 Oct 2016 12:21:02 UTC
Severity: normal
Ta ...
Debian Bug report logs -
#855159
qemu: CVE-2017-5987: sd: infinite loop issue in multi block transfers
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 14 Feb 2017 19:45:02 UTC
Severity: important
...
Debian Bug report logs -
#854729
CVE-2017-5898
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 9 Feb 2017 22:42:01 UTC
Severity: important
Tags: security
Fixed in version qemu/1:28+dfsg-3
Done: Mic ...
Debian Bug report logs -
#839986
qemu: CVE-2016-7907: net: inifinte loop in imx_fec_do_tx() function
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 7 Oct 2016 06:45:01 UTC
Severity: normal
Tags: ...
Debian Bug report logs -
#855791
qemu: CVE-2017-2620: cirrus_bitblt_cputovideo does not check if memory region is safe
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 21 Feb 2017 16:06:01 UTC
Seve ...
Debian Bug report logs -
#853996
CVE-2017-5667 / CVE-2017-5856 / CVE-2017-5857
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 2 Feb 2017 22:06:02 UTC
Severity: important
Tags: security
Fixed in vers ...
Debian Bug report logs -
#853002
qemu: CVE-2017-5579: serial: host memory leakage 16550A UART emulation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 28 Jan 2017 20:51:04 UTC
Severity: normal
Ta ...
Debian Bug report logs -
#855611
qemu: CVE-2017-5973: usb: infinite loop while doing control transfer in xhci_kick_epctx
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 20 Feb 2017 19:21:04 UTC
Se ...
Debian Bug report logs -
#853006
qemu: CVE-2016-9602: 9p: virtfs allows guest to access host filesystem
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 28 Jan 2017 21:18:01 UTC
Severity: grave
Tag ...
Vulmon