Published: 23/05/2017 Updated: 04/08/2021

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu
debian debian linux 8.0
redhat openstack 6.0
redhat openstack 7.0
redhat openstack 8
redhat openstack 9
redhat openstack 10
redhat openstack 11

Several security issues were fixed in QEMU ...

Debian Bug report logs - #860785 qemu: CVE-2017-7471: 9p: virtfs allows guest to change filesystem attributes on host Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 20 Apr 2017 05:18:02 UTC Sever ...

Debian Bug report logs - #861348 qemu: CVE-2017-8086: 9pfs: host memory leakage via v9pfs_list_xattr Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 27 Apr 2017 19:45:02 UTC Severity: normal Tags: ...

Debian Bug report logs - #861351 qemu: CVE-2017-8112: scsi: vmw_pvscsi: infinite loop in pvscsi_log2 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 27 Apr 2017 20:09:01 UTC Severity: normal Tags ...

Debian Bug report logs - #862289 qemu: CVE-2017-8379: host memory lekage via keyboard events Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 10 May 2017 16:45:01 UTC Severity: minor Tags: patch, s ...

Debian Bug report logs - #862282 qemu: CVE-2017-8380: scsi: megasas: out-of-bounds read in megasas_mmio_write Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 10 May 2017 15:09:04 UTC Severity: nor ...

Debian Bug report logs - #862280 qemu: CVE-2017-8309: audio: host memory leakage via capture buffer Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 10 May 2017 14:57:04 UTC Severity: minor Tags: f ...

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events ...

CWE-772 https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05599.html http://www.securityfocus.com/bid/98277 http://www.openwall.com/lists/oss-security/2017/05/03/2 https://security.gentoo.org/glsa/201706-03 https://access.redhat.com/errata/RHSA-2017:2408 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html https://usn.ubuntu.com/3289-1/https://nvd.nist.gov

CVE-2017-8379

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect