Several security issues were fixed in QEMU ...
USN-3414-1 introduced a regression in QEMU ...
Multiple vulnerabilities were found in qemu, a fast processor
emulator:
CVE-2017-9310
Denial of service via infinite loop in e1000e NIC emulation
CVE-2017-9330
Denial of service via infinite loop in USB OHCI emulation
CVE-2017-9373
Denial of service via memory leak in IDE AHCI emulation
CVE-2017-9374
Denial of service via memory ...
Debian Bug report logs -
#864568
qemu: CVE-2017-9374: usb: ehci host memory leakage during hotunplug
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 10 Jun 2017 19:27:01 UTC
Severity: serious
Tags ...
Debian Bug report logs -
#864219
qemu: CVE-2017-9375: usb: xhci infinite recursive call via xhci_kick_ep
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 5 Jun 2017 11:48:01 UTC
Severity: serious
...
Debian Bug report logs -
#865754
qemu: CVE-2017-9503: megasas: null pointer dereference while processing megasas command
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 24 Jun 2017 14:09:02 UTC
Se ...
Debian Bug report logs -
#864216
qemu: CVE-2017-9373 ide: ahci host memory leakage during hotunplug
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 5 Jun 2017 11:42:05 UTC
Severity: serious
Tags: ...
Debian Bug report logs -
#866674
qemu: CVE-2017-10664: qemu-nbd: server breaks with SIGPIPE upon client abort
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 30 Jun 2017 19:03:01 UTC
Severity: ser ...
Debian Bug report logs -
#863840
qemu: CVE-2017-9310: net: infinite loop in e1000e NIC emulation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 31 May 2017 20:21:02 UTC
Severity: serious
Tags: fi ...
Debian Bug report logs -
#863943
qemu: CVE-2017-9330: usb: ohci: infinite loop due to incorrect return value
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 2 Jun 2017 06:21:01 UTC
Severity: seri ...
Debian Bug report logs -
#865755
qemu: CVE-2017-9524: nbd: segmentation fault due to client non-negotiation
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 24 Jun 2017 14:21:01 UTC
Severity: serio ...
QEMU (aka Quick Emulator) before 290, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505 ...