Published: 10/04/2017 Updated: 07/11/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6 | Impact Score: 4 | Exploitability Score: 1.5

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu 2.9.0
qemu qemu
debian debian linux 8.0

Several security issues were fixed in QEMU ...

Debian Bug report logs - #856969 qemu: CVE-2017-6505: infinite loop issue in ohci_service_ed_list Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 6 Mar 2017 18:51:01 UTC Severity: normal Tags: pa ...

Debian Bug report logs - #859854 qemu: CVE-2017-7377 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 7 Apr 2017 19:48:02 UTC Severity: important Tags: fixed-upstream, patch, security, upstream F ...

Debian Bug report logs - #857744 qemu: CVE-2016-9603: cirrus: heap buffer overflow via vnc connection Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 14 Mar 2017 16:15:01 UTC Severity: grave Tags: ...

Debian Bug report logs - #840950 qemu: CVE-2016-8667: dma: rc4030 divide by zero error in set_next_tick Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 16 Oct 2016 12:21:02 UTC Severity: normal Ta ...

The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9pc in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid ...

CWE-772 https://lists.gnu.org/archive/html/qemu-devel/2017-03/msg05449.html https://bugzilla.redhat.com/show_bug.cgi?id=1437871 http://www.openwall.com/lists/oss-security/2017/04/03/2 http://www.securityfocus.com/bid/97319 https://security.gentoo.org/glsa/201706-03 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=d63fb193e71644a073b77ff5ac6f1216f2f6cf6e https://usn.ubuntu.com/3289-1/https://nvd.nist.gov

CVE-2017-7377

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect