Several security issues were fixed in QEMU ...
USN-3575-1 introduced a regression in QEMU ...
Synopsis
Low: qemu-kvm security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) b ...
Synopsis
Important: qemu-kvm-rhev security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton), Red Hat OpenStack Platform 110 (Ocata), Red Hat OpenStack Platform 120 (Pike), Red Hat OpenStack Platform ...
Synopsis
Important: qemu-kvm security update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Several vulnerabilities were discovered in qemu, a fast processor
emulator
CVE-2017-15038
Tuomas Tynkkynen discovered an information leak in 9pfs
CVE-2017-15119
Eric Blake discovered that the NBD server insufficiently restricts
large option requests, resulting in denial of service
CVE-2017-15124
Daniel Berrange discovered that t ...
Debian Bug report logs -
#884806
qemu: CVE-2017-15124: memory exhaustion through framebuffer update request message in VNC server
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 19 Dec 2017 21:42:0 ...
Debian Bug report logs -
#887392
qemu: CVE-2018-5683: Out-of-bounds read in vga_draw_text routine
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 15 Jan 2018 20:21:01 UTC
Severity: important
Tags: ...
Debian Bug report logs -
#892041
qemu: CVE-2018-7550: i386: multiboot OOB access while loading kernel image
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 4 Mar 2018 13:15:12 UTC
Severity: impor ...
Debian Bug report logs -
#882136
qemu: CVE-2017-16845: ps2: information leakage via post_load routine
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 19 Nov 2017 14:21:04 UTC
Severity: important
T ...
Debian Bug report logs -
#892497
qemu: CVE-2018-7858: cirrus: OOB access when updating vga display allowing for DoS
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 9 Mar 2018 18:12:01 UTC
Severit ...
Debian Bug report logs -
#886532
Coming updates for meltdown/spectre
Package:
qemu;
Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon)
Reported by: Nigel Kukard <nkukard@lbsdnet>
Date: Sun, 7 Jan 2018 12:15:02 UTC
Severity: grave
Fo ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation(CVE-2017-13672)
A memory leakage ...
An out-of-bounds read access issue was found in the VGA display emulator built into the Quick emulator (QEMU) It could occur while reading VGA memory to update graphics display A privileged user/process inside guest could use this flaw to crash the QEMU process on the host resulting in denial of service situation(CVE-2017-13672)
A memory leakage ...
An out-of-bounds read access issue was found in the VGA emulator of QEMU It could occur in vga_draw_text routine, while updating display area for a vnc client A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS ...