Published: 02/05/2017 Updated: 10/09/2020

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu
debian debian linux 8.0

Several security issues were fixed in QEMU ...

USN-3414-1 introduced a regression in QEMU ...

Debian Bug report logs - #860785 qemu: CVE-2017-7471: 9p: virtfs allows guest to change filesystem attributes on host Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 20 Apr 2017 05:18:02 UTC Sever ...

Debian Bug report logs - #861348 qemu: CVE-2017-8086: 9pfs: host memory leakage via v9pfs_list_xattr Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 27 Apr 2017 19:45:02 UTC Severity: normal Tags: ...

Debian Bug report logs - #861351 qemu: CVE-2017-8112: scsi: vmw_pvscsi: infinite loop in pvscsi_log2 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 27 Apr 2017 20:09:01 UTC Severity: normal Tags ...

Debian Bug report logs - #862289 qemu: CVE-2017-8379: host memory lekage via keyboard events Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 10 May 2017 16:45:01 UTC Severity: minor Tags: patch, s ...

Debian Bug report logs - #862282 qemu: CVE-2017-8380: scsi: megasas: out-of-bounds read in megasas_mmio_write Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 10 May 2017 15:09:04 UTC Severity: nor ...

Debian Bug report logs - #862280 qemu: CVE-2017-8309: audio: host memory leakage via capture buffer Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 10 May 2017 14:57:04 UTC Severity: minor Tags: f ...

hw/scsi/vmw_pvscsic in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count ...

CWE-835 https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html https://bugzilla.redhat.com/show_bug.cgi?id=1445621 http://www.securityfocus.com/bid/98015 http://www.openwall.com/lists/oss-security/2017/04/26/5 https://security.gentoo.org/glsa/201706-03 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://nvd.nist.gov https://usn.ubuntu.com/3414-1/

CVE-2017-8112

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect