English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.842944
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-3125-1)
Summary:The remote host is missing an update for the 'qemu, qemu-kvm' package(s) announced via the USN-3125-1 advisory.
Description:Summary:
The remote host is missing an update for the 'qemu, qemu-kvm' package(s) announced via the USN-3125-1 advisory.

Vulnerability Insight:
Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A
privileged attacker inside the guest could use this issue to cause QEMU to
consume resources, resulting in a denial of service. (CVE-2016-5403)

Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network
card emulation support. A privileged attacker inside the guest could use
this issue to cause QEMU to crash, resulting in a denial of service. This
issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10.
(CVE-2016-6833, CVE-2016-6834, CVE-2016-6888)

Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network
card emulation support. A privileged attacker inside the guest could use
this issue to cause QEMU to crash, resulting in a denial of service, or
possibly execute arbitrary code on the host. In the default installation,
when QEMU is used with libvirt, attackers would be isolated by the libvirt
AppArmor profile. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04
LTS and Ubuntu 16.10. (CVE-2016-6835)

Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network
card emulation support. A privileged attacker inside the guest could use
this issue to possibly to obtain sensitive host memory. This issue only
affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10.
(CVE-2016-6836)

Felix Wilhelm discovered that QEMU incorrectly handled Plan 9 File System
(9pfs) support. A privileged attacker inside the guest could use this issue
to possibly to obtain sensitive host files. (CVE-2016-7116)

Li Qiang and Tom Victor discovered that QEMU incorrectly handled VMWARE
PVSCSI paravirtual SCSI bus emulation support. A privileged attacker inside
the guest could use this issue to cause QEMU to crash, resulting in a
denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04
LTS and Ubuntu 16.10. (CVE-2016-7155)

Li Qiang discovered that QEMU incorrectly handled VMWARE PVSCSI paravirtual
SCSI bus emulation support. A privileged attacker inside the guest could
use this issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu
16.10. (CVE-2016-7156, CVE-2016-7421)

Tom Victor discovered that QEMU incorrectly handled LSI SAS1068 host bus
emulation support. A privileged attacker inside the guest could use this
issue to cause QEMU to crash, resulting in a denial of service.
This issue only affected Ubuntu 16.10. (CVE-2016-7157)

Hu Chaojian discovered that QEMU incorrectly handled xlnx.xps-ethernetlite
emulation support. A privileged attacker inside the guest could use this
issue to cause QEMU to crash, resulting in a denial of service, or possibly
execute arbitrary code on the host. In the default installation, when QEMU
is used with libvirt, attackers would be isolated by the libvirt AppArmor
profile. (CVE-2016-7161)

Qinghao Tang and Li Qiang discovered that QEMU ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'qemu, qemu-kvm' package(s) on Ubuntu 12.04, Ubuntu 14.04, Ubuntu 16.04, Ubuntu 16.10.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-5403
1036476
http://www.securitytracker.com/id/1036476
92148
http://www.securityfocus.com/bid/92148
RHSA-2016:1585
http://rhn.redhat.com/errata/RHSA-2016-1585.html
RHSA-2016:1586
http://rhn.redhat.com/errata/RHSA-2016-1586.html
RHSA-2016:1606
http://rhn.redhat.com/errata/RHSA-2016-1606.html
RHSA-2016:1607
http://rhn.redhat.com/errata/RHSA-2016-1607.html
RHSA-2016:1652
http://rhn.redhat.com/errata/RHSA-2016-1652.html
RHSA-2016:1653
http://rhn.redhat.com/errata/RHSA-2016-1653.html
RHSA-2016:1654
http://rhn.redhat.com/errata/RHSA-2016-1654.html
RHSA-2016:1655
http://rhn.redhat.com/errata/RHSA-2016-1655.html
RHSA-2016:1756
http://rhn.redhat.com/errata/RHSA-2016-1756.html
RHSA-2016:1763
http://rhn.redhat.com/errata/RHSA-2016-1763.html
RHSA-2016:1943
http://rhn.redhat.com/errata/RHSA-2016-1943.html
USN-3047-1
http://www.ubuntu.com/usn/USN-3047-1
USN-3047-2
http://www.ubuntu.com/usn/USN-3047-2
[debian-lts-announce] 20190920 [SECURITY] [DLA 1927-1] qemu security update
https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://xenbits.xen.org/xsa/advisory-184.html
https://bugzilla.redhat.com/show_bug.cgi?id=1358359
Common Vulnerability Exposure (CVE) ID: CVE-2016-6833
93255
http://www.securityfocus.com/bid/93255
GLSA-201609-01
https://security.gentoo.org/glsa/201609-01
[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
[oss-security] 20160812 CVE request: Qemu net: vmxnet3: use after free while writing
http://www.openwall.com/lists/oss-security/2016/08/12/1
[oss-security] 20160817 Re: CVE request: Qemu net: vmxnet3: use after free while writing
http://www.openwall.com/lists/oss-security/2016/08/18/3
[qemu-devel] 20160809 [PULL 2/3] net: vmxnet3: check for device_active before write
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6c352ca9b4ee3e1e286ea9e8434bd8e69ac7d0d8
Common Vulnerability Exposure (CVE) ID: CVE-2016-6834
92446
http://www.securityfocus.com/bid/92446
[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
[oss-security] 20160812 CVE request Qemu: an infinite loop during packet fragmentation
http://www.openwall.com/lists/oss-security/2016/08/11/8
[oss-security] 20160817 Re: CVE request Qemu: an infinite loop during packet fragmentation
http://www.openwall.com/lists/oss-security/2016/08/18/7
[qemu-devel] 20160809 [PULL 1/3] net: check fragment length during fragmentation
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ead315e43ea0c2ca3491209c6c8db8ce3f2bbe05
Common Vulnerability Exposure (CVE) ID: CVE-2016-6835
RHSA-2017:2392
https://access.redhat.com/errata/RHSA-2017:2392
[oss-security] 20160812 CVE request Qemu: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation
http://www.openwall.com/lists/oss-security/2016/08/11/7
[oss-security] 20160817 Re: CVE request Qemu: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation
http://www.openwall.com/lists/oss-security/2016/08/18/4
[qemu-devel] 20160810 Re: [PATCH] net: vmxnet: check IP header length
https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=93060258ae748573ca7197204125a2670047896d
Common Vulnerability Exposure (CVE) ID: CVE-2016-6836
92444
http://www.securityfocus.com/bid/92444
[oss-security] 20160812 CVE Request Qemu: Information leak in vmxnet3_complete_packet
http://www.openwall.com/lists/oss-security/2016/08/11/5
[oss-security] 20160817 Re: CVE Request Qemu: Information leak in vmxnet3_complete_packet
http://www.openwall.com/lists/oss-security/2016/08/18/5
[qemu-devel] 20160811 [PATCH] net: vmxnet: initialise local tx descriptor
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02108.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fdda170e50b8af062cf5741e12c4fb5e57a2eacf
Common Vulnerability Exposure (CVE) ID: CVE-2016-6888
BugTraq ID: 92556
http://www.securityfocus.com/bid/92556
http://www.openwall.com/lists/oss-security/2016/08/19/6
http://www.openwall.com/lists/oss-security/2016/08/19/10
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg03176.html
RedHat Security Advisories: RHSA-2017:2392
RedHat Security Advisories: RHSA-2017:2408
https://access.redhat.com/errata/RHSA-2017:2408
Common Vulnerability Exposure (CVE) ID: CVE-2016-7116
92680
http://www.securityfocus.com/bid/92680
[oss-security] 20160830 CVE request: Qemu: 9p: directory traversal flaw in 9p virtio backend
http://www.openwall.com/lists/oss-security/2016/08/30/1
[oss-security] 20160830 Re: CVE request: Qemu: 9p: directory traversal flaw in 9p virtio backend
http://www.openwall.com/lists/oss-security/2016/08/30/3
[qemu-devel] 20160826 [PATCH v2 0/5] 9P security fixes
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg03917.html
[qemu-devel] 20160830 [PATCH v4 0/3] 9pfs security fixes
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04231.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=56f101ecce0eafd09e2daf1c4eeb1377d6959261
Common Vulnerability Exposure (CVE) ID: CVE-2016-7155
BugTraq ID: 92772
http://www.securityfocus.com/bid/92772
http://www.openwall.com/lists/oss-security/2016/09/06/2
http://www.openwall.com/lists/oss-security/2016/09/07/1
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00050.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7156
BugTraq ID: 92774
http://www.securityfocus.com/bid/92774
http://www.openwall.com/lists/oss-security/2016/09/06/3
http://www.openwall.com/lists/oss-security/2016/09/07/2
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00772.html
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01246.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7157
BugTraq ID: 92775
http://www.securityfocus.com/bid/92775
http://www.openwall.com/lists/oss-security/2016/09/06/4
http://www.openwall.com/lists/oss-security/2016/09/07/3
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04295.html
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04296.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7161
BugTraq ID: 93141
http://www.securityfocus.com/bid/93141
https://security.gentoo.org/glsa/201611-11
http://www.openwall.com/lists/oss-security/2016/09/23/6
http://www.openwall.com/lists/oss-security/2016/09/23/8
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01598.html
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01877.html
SuSE Security Announcement: openSUSE-SU-2016:3237 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7170
92904
http://www.securityfocus.com/bid/92904
[oss-security] 20160909 CVE Request Qemu: vmware_vga: OOB stack memory access when processing svga command
http://www.openwall.com/lists/oss-security/2016/09/09/4
[oss-security] 20160909 Re: CVE Request Qemu: vmware_vga: OOB stack memory access when processing svga command
http://www.openwall.com/lists/oss-security/2016/09/09/7
[qemu-devel] 20160908 [PATCH] vmsvga: correct bitmap and pixmap size checks
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=167d97a3def77ee2dbf6e908b0ecbfe2103977db
openSUSE-SU-2016:3237
Common Vulnerability Exposure (CVE) ID: CVE-2016-7421
92998
http://www.securityfocus.com/bid/92998
[oss-security] 20160916 CVE Request: Qemu: scsi: pvscsi: infinite loop when processing IO requests
http://www.openwall.com/lists/oss-security/2016/09/16/3
[oss-security] 20160916 Re: CVE Request: Qemu: scsi: pvscsi: infinite loop when processing IO requests
http://www.openwall.com/lists/oss-security/2016/09/16/9
[qemu-devel] 20160915 [PULL 07/17] scsi: pvscsi: limit process IO loop to ring size
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03609.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=d251157ac1928191af851d199a9ff255d330bec9
Common Vulnerability Exposure (CVE) ID: CVE-2016-7422
92996
http://www.securityfocus.com/bid/92996
RHSA-2017:2408
[oss-security] 20160916 CVE request Qemu: virtio: null pointer dereference in virtqueu_map_desc
http://www.openwall.com/lists/oss-security/2016/09/16/4
[oss-security] 20160916 Re: CVE request Qemu: virtio: null pointer dereference in virtqueu_map_desc
http://www.openwall.com/lists/oss-security/2016/09/16/10
[qemu-devel] 20160915 [PATCH] virtio: add check for descriptor's mapped address
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03546.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=973e7170dddefb491a48df5cba33b2ae151013a0
Common Vulnerability Exposure (CVE) ID: CVE-2016-7423
92997
http://www.securityfocus.com/bid/92997
GLSA-201611-11
[oss-security] 20160916 CVE request Qemu: scsi: mptsas: OOB access when freeing MPTSASRequest object
http://www.openwall.com/lists/oss-security/2016/09/16/5
[oss-security] 20160916 Re: CVE request Qemu: scsi: mptsas: OOB access when freeing MPTSASRequest object
http://www.openwall.com/lists/oss-security/2016/09/16/11
[qemu-devel] 20160915 [PULL 03/17] scsi: mptsas: use g_new0 to allocate MPTSASRequest object
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03604.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5
https://bugzilla.redhat.com/show_bug.cgi?id=1376776
Common Vulnerability Exposure (CVE) ID: CVE-2016-7466
93029
http://www.securityfocus.com/bid/93029
[oss-security] 20160920 CVE Request Qemu: usb: xhci memory leakage during device unplug
http://www.openwall.com/lists/oss-security/2016/09/19/8
[oss-security] 20160920 Re: CVE Request Qemu: usb: xhci memory leakage during device unplug
http://www.openwall.com/lists/oss-security/2016/09/20/3
[qemu-devel] 20160913 [PATCH v2] usb:xhci:fix memory leak in usb_xhci_exit
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg02773.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=b53dd4495ced2432a0b652ea895e651d07336f7e
Common Vulnerability Exposure (CVE) ID: CVE-2016-7908
93273
http://www.securityfocus.com/bid/93273
[oss-security] 20161003 CVE request Qemu: net: Infinite loop in mcf_fec_do_tx
http://www.openwall.com/lists/oss-security/2016/10/03/2
[oss-security] 20161003 Re: CVE request Qemu: net: Infinite loop in mcf_fec_do_tx
http://www.openwall.com/lists/oss-security/2016/10/03/5
[qemu-devel] 20160922 [PATCH v2] net: mcf: limit buffer descriptor count
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=070c4b92b8cd5390889716677a0b92444d6e087a
Common Vulnerability Exposure (CVE) ID: CVE-2016-7909
93275
http://www.securityfocus.com/bid/93275
[oss-security] 20161003 CVE Request Qemu: net: pcnet: infinite loop in pcnet_rdra_addr
http://www.openwall.com/lists/oss-security/2016/10/03/3
[oss-security] 20161003 Re: CVE Request Qemu: net: pcnet: infinite loop in pcnet_rdra_addr
http://www.openwall.com/lists/oss-security/2016/10/03/6
[qemu-devel] 20160930 [PATCH 1/2] net: pcnet: check rx/tx descriptor ring length
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7994
93453
http://www.securityfocus.com/bid/93453
[oss-security] 20161007 CVE request Qemu virtio-gpu: memory leak in virtio_gpu_resource_create_2d
http://www.openwall.com/lists/oss-security/2016/10/07/2
[oss-security] 20161008 Re: CVE request Qemu virtio-gpu: memory leak in virtio_gpu_resource_create_2d
http://www.openwall.com/lists/oss-security/2016/10/08/3
[qemu-devel] 20160919 Re: [PATCH] virtio-gpu: fix memory leak in virtio_gpu_resource_create_2d
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04083.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7995
93454
http://www.securityfocus.com/bid/93454
[oss-security] 20161007 CVE request Qemu: usb: hcd-ehci: memory leak in ehci_process_itd
http://www.openwall.com/lists/oss-security/2016/10/07/3
[oss-security] 20161008 Re: CVE request Qemu: usb: hcd-ehci: memory leak in ehci_process_itd
http://www.openwall.com/lists/oss-security/2016/10/08/4
[qemu-devel] 20160926 Re: [PATCH] usb: ehci: fix memory leak in ehci_process_itd
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg06609.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=b16c129daf0fed91febbb88de23dae8271c8898a
Common Vulnerability Exposure (CVE) ID: CVE-2016-8576
93469
http://www.securityfocus.com/bid/93469
[oss-security] 20161010 CVE request Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
http://www.openwall.com/lists/oss-security/2016/10/10/6
[oss-security] 20161010 Re: CVE request Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
http://www.openwall.com/lists/oss-security/2016/10/10/12
[qemu-devel] 20161007 Re: [PATCH] usb: xHCI: add check to limit command TRB processing
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01265.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=05f43d44e4bc26611ce25fd7d726e483f73363ce
Common Vulnerability Exposure (CVE) ID: CVE-2016-8577
93473
http://www.securityfocus.com/bid/93473
[oss-security] 20161010 CVE request: Qemu: 9pfs: host memory leakage in v9fs_read
http://www.openwall.com/lists/oss-security/2016/10/10/7
[oss-security] 20161010 Re: CVE request: Qemu: 9pfs: host memory leakage in v9fs_read
http://www.openwall.com/lists/oss-security/2016/10/10/13
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=e95c9a493a5a8d6f969e86c9f19f80ffe6587e19
Common Vulnerability Exposure (CVE) ID: CVE-2016-8578
93474
http://www.securityfocus.com/bid/93474
[oss-security] 20161010 CVE request Qemu: 9pfs: potential NULL dereferencein 9pfs routines
http://www.openwall.com/lists/oss-security/2016/10/10/8
[oss-security] 20161010 Re: CVE request Qemu: 9pfs: potential NULL dereferencein 9pfs routines
http://www.openwall.com/lists/oss-security/2016/10/10/14
[qemu-devel] 20160927 Re: [PATCH] 9pfs: make unmarshal V9fsString more robust
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8668
93566
http://www.securityfocus.com/bid/93566
[oss-security] 20161014 CVE request Qemu: net: OOB buffer access in rocker switch emulation
http://www.openwall.com/lists/oss-security/2016/10/14/8
[oss-security] 20161015 Re: CVE request Qemu: net: OOB buffer access in rocker switch emulation
http://www.openwall.com/lists/oss-security/2016/10/15/9
[qemu-devel] 20161012 [PATCH] net: rocker: set limit to DMA buffer size
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02501.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8909
93842
http://www.securityfocus.com/bid/93842
[oss-security] 20161024 CVE request Qemu: audio: intel-hda: infinite loop in processing dma buffer stream
http://www.openwall.com/lists/oss-security/2016/10/24/1
[oss-security] 20161024 Re: CVE request Qemu: audio: intel-hda: infinite loop in processing dma buffer stream
http://www.openwall.com/lists/oss-security/2016/10/24/4
[qemu-devel] 20161020 [PATCH] audio: intel-hda: check stream entry count during transfer
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04682.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8910
93844
http://www.securityfocus.com/bid/93844
[oss-security] 20161024 CVE request Qemu: net: rtl8139: infinite loop while transmit in C+ mode
http://www.openwall.com/lists/oss-security/2016/10/24/2
[oss-security] 20161024 Re: CVE request Qemu: net: rtl8139: infinite loop while transmit in C+ mode
http://www.openwall.com/lists/oss-security/2016/10/24/5
[qemu-devel] 20161024 [PATCH] net: rtl8139: limit processing of ring descript
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9101
93957
http://www.securityfocus.com/bid/93957
GLSA-201701-49
https://security.gentoo.org/glsa/201701-49
[oss-security] 20161028 CVE request Qemu: net: eepro100 memory leakage at device unplug
http://www.openwall.com/lists/oss-security/2016/10/27/14
[oss-security] 20161030 Re: CVE request Qemu: net: eepro100 memory leakage at device unplug
http://www.openwall.com/lists/oss-security/2016/10/30/5
[qemu-devel] 20161013 [PATCH] eepro100: Fix memory leak and simplify code for VMStateDescription
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg03024.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9102
93962
http://www.securityfocus.com/bid/93962
[oss-security] 20161028 CVE request Qemu: 9pfs: memory leakage when creating extended attribute
http://www.openwall.com/lists/oss-security/2016/10/27/15
[oss-security] 20161030 Re: CVE request Qemu: 9pfs: memory leakage when creating extended attribute
http://www.openwall.com/lists/oss-security/2016/10/30/6
[qemu-devel] 20161010 Re: [PATCH] 9pfs: fix memory leak in v9fs_xattrcreate
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01861.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ff55e94d23ae94c8628b0115320157c763eb3e06
Common Vulnerability Exposure (CVE) ID: CVE-2016-9103
93955
http://www.securityfocus.com/bid/93955
[oss-security] 20161028 CVE request Qemu: 9pfs: information leakage via xattribute
http://www.openwall.com/lists/oss-security/2016/10/28/1
[oss-security] 20161030 Re: CVE request Qemu: 9pfs: information leakage via xattribute
http://www.openwall.com/lists/oss-security/2016/10/30/7
[qemu-devel] 20161010 Re: [PATCH 1/2] 9pfs: fix information leak in xattr read
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=eb687602853b4ae656e9236ee4222609f3a6887d
Common Vulnerability Exposure (CVE) ID: CVE-2016-9104
93956
http://www.securityfocus.com/bid/93956
[oss-security] 20161028 CVE request Qemu: 9pfs: integer overflow leading to OOB access
http://www.openwall.com/lists/oss-security/2016/10/28/2
[oss-security] 20161030 Re: CVE request Qemu: 9pfs: integer overflow leading to OOB access
http://www.openwall.com/lists/oss-security/2016/10/30/8
[qemu-devel] 20161013 Re: [PATCH v3 3/3] 9pfs: fix integer overflow issue in xattr read/write
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9105
93965
http://www.securityfocus.com/bid/93965
[oss-security] 20161028 CVE request Qemu: memory leakage in v9fs_link
http://www.openwall.com/lists/oss-security/2016/10/28/3
[oss-security] 20161030 Re: CVE request Qemu: memory leakage in v9fs_link
http://www.openwall.com/lists/oss-security/2016/10/30/9
[qemu-devel] 20161012 Re: [PATCH] 9pfs: fix memory leak in v9fs_link
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=4c1586787ff43c9acd18a56c12d720e3e6be9f7c
Common Vulnerability Exposure (CVE) ID: CVE-2016-9106
93964
http://www.securityfocus.com/bid/93964
[oss-security] 20161028 CVE request Qemu: 9pfs: memory leakage in v9fs_write
http://www.openwall.com/lists/oss-security/2016/10/28/4
[oss-security] 20161030 Re: CVE request Qemu: 9pfs: memory leakage in v9fs_write
http://www.openwall.com/lists/oss-security/2016/10/30/10
[qemu-devel] 20161012 Re: [PATCH v2] 9pfs: fix memory leak in v9fs_write
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fdfcc9aeea1492f4b819a24c94dfb678145b1bf9
CopyrightCopyright (C) 2016 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.