English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.891497
Category:Debian Local Security Checks
Title:Debian: Security Advisory (DLA-1497-1)
Summary:The remote host is missing an update for the Debian 'qemu' package(s) announced via the DLA-1497-1 advisory.
Description:Summary:
The remote host is missing an update for the Debian 'qemu' package(s) announced via the DLA-1497-1 advisory.

Vulnerability Insight:
Several vulnerabilities were found in qemu, a fast processor emulator:

CVE-2015-8666

Heap-based buffer overflow in QEMU when built with the Q35-chipset-based PC system emulator

CVE-2016-2198

Null pointer dereference in ehci_caps_write in the USB EHCI support that may result in denial of service

CVE-2016-6833

Use after free while writing in the vmxnet3 device that could be used to cause a denial of service

CVE-2016-6835

Buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device that could result in denial of service

CVE-2016-8576

Infinite loop vulnerability in xhci_ring_fetch in the USB xHCI support

CVE-2016-8667 / CVE-2016-8669 Divide by zero errors in set_next_tick in the JAZZ RC4030 chipset emulator, and in serial_update_parameters of some serial devices, that could result in denial of service

CVE-2016-9602

Improper link following with VirtFS

CVE-2016-9603

Heap buffer overflow via vnc connection in the Cirrus CLGD 54xx VGA emulator support

CVE-2016-9776

Infinite loop while receiving data in the ColdFire Fast Ethernet Controller emulator

CVE-2016-9907

Memory leakage in the USB redirector usb-guest support

CVE-2016-9911

Memory leakage in ehci_init_transfer in the USB EHCI support

CVE-2016-9914 / CVE-2016-9915 / CVE-2016-9916 Plan 9 File System (9pfs): add missing cleanup operation in FileOperations, in the handle backend and in the proxy backend driver

CVE-2016-9921 / CVE-2016-9922 Divide by zero in cirrus_do_copy in the Cirrus CLGD 54xx VGA Emulator support

CVE-2016-10155

Memory leak in hw/watchdog/wdt_i6300esb.c allowing local guest OS privileged users to cause a denial of service via a large number of device unplug operations.

CVE-2017-2615 / CVE-2017-2620 / CVE-2017-18030 / CVE-2018-5683 / CVE-2017-7718 Out-of-bounds access issues in the Cirrus CLGD 54xx VGA emulator support, that could result in denial of service

CVE-2017-5525 / CVE-2017-5526 Memory leakage issues in the ac97 and es1370 device emulation

CVE-2017-5579

Most memory leakage in the 16550A UART emulation

CVE-2017-5667

Out-of-bounds access during multi block SDMA transfer in the SDHCI emulation support.

CVE-2017-5715

Mitigations against the Spectre v2 vulnerability. For more information please refer to [link moved to references]

CVE-2017-5856

Memory leak in the MegaRAID SAS 8708EM2 Host Bus Adapter emulation support

CVE-2017-5973 / CVE-2017-5987 / CVE-2017-6505 Infinite loop issues in the USB xHCI, in the transfer mode register of the SDHCI protocol, and the USB ohci_service_ed_list

CVE-2017-7377

9pfs: host memory leakage via v9fs_create

CVE-2017-7493

Improper access control issues in the host directory sharing via 9pfs support.

CVE-2017-7980

Heap-based buffer overflow in the Cirrus VGA device that could allow local guest OS users to execute arbitrary code or cause a denial of service

CVE-2017-8086

9pfs: host memory leakage via ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'qemu' package(s) on Debian 8.

Solution:
Please install the updated package(s).

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-8666
79670
http://www.securityfocus.com/bid/79670
GLSA-201602-01
https://security.gentoo.org/glsa/201602-01
[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
[oss-security] 20151224 CVE request Qemu: acpi: heap based buffer overrun during VM migration
http://www.openwall.com/lists/oss-security/2015/12/24/1
http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=d9a3b33d2c9f996537b7f1d0246dee2d0120cefb
https://bugzilla.redhat.com/show_bug.cgi?id=1283722
Common Vulnerability Exposure (CVE) ID: CVE-2016-10155
BugTraq ID: 95770
http://www.securityfocus.com/bid/95770
https://security.gentoo.org/glsa/201702-28
http://www.openwall.com/lists/oss-security/2017/01/20/14
http://www.openwall.com/lists/oss-security/2017/01/21/4
RedHat Security Advisories: RHSA-2017:2392
https://access.redhat.com/errata/RHSA-2017:2392
RedHat Security Advisories: RHSA-2017:2408
https://access.redhat.com/errata/RHSA-2017:2408
Common Vulnerability Exposure (CVE) ID: CVE-2016-2198
GLSA-201604-01
https://security.gentoo.org/glsa/201604-01
[oss-security] 20160129 CVE request Qemu: usb: ehci null pointer dereference in ehci_caps_write
http://www.openwall.com/lists/oss-security/2016/01/29/6
[oss-security] 20160130 Re: CVE request Qemu: usb: ehci null pointer dereference in ehci_caps_write
http://www.openwall.com/lists/oss-security/2016/01/30/2
[qemu-devel] 20160129 [PATCH] usb: ehci: add capability mmio write function
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg05899.html
https://bugzilla.redhat.com/show_bug.cgi?id=1301643
Common Vulnerability Exposure (CVE) ID: CVE-2016-6833
93255
http://www.securityfocus.com/bid/93255
GLSA-201609-01
https://security.gentoo.org/glsa/201609-01
[oss-security] 20160812 CVE request: Qemu net: vmxnet3: use after free while writing
http://www.openwall.com/lists/oss-security/2016/08/12/1
[oss-security] 20160817 Re: CVE request: Qemu net: vmxnet3: use after free while writing
http://www.openwall.com/lists/oss-security/2016/08/18/3
[qemu-devel] 20160809 [PULL 2/3] net: vmxnet3: check for device_active before write
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01602.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=6c352ca9b4ee3e1e286ea9e8434bd8e69ac7d0d8
Common Vulnerability Exposure (CVE) ID: CVE-2016-6835
RHSA-2017:2392
[oss-security] 20160812 CVE request Qemu: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation
http://www.openwall.com/lists/oss-security/2016/08/11/7
[oss-security] 20160817 Re: CVE request Qemu: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation
http://www.openwall.com/lists/oss-security/2016/08/18/4
[qemu-devel] 20160810 Re: [PATCH] net: vmxnet: check IP header length
https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=93060258ae748573ca7197204125a2670047896d
Common Vulnerability Exposure (CVE) ID: CVE-2016-8576
93469
http://www.securityfocus.com/bid/93469
GLSA-201611-11
https://security.gentoo.org/glsa/201611-11
RHSA-2017:2408
[oss-security] 20161010 CVE request Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
http://www.openwall.com/lists/oss-security/2016/10/10/6
[oss-security] 20161010 Re: CVE request Qemu: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
http://www.openwall.com/lists/oss-security/2016/10/10/12
[qemu-devel] 20161007 Re: [PATCH] usb: xHCI: add check to limit command TRB processing
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01265.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=05f43d44e4bc26611ce25fd7d726e483f73363ce
openSUSE-SU-2016:3237
http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8667
93567
http://www.securityfocus.com/bid/93567
[oss-security] 20161014 CVE request Qemu: dma: rc4030 divide by zero error in set_next_tick
http://www.openwall.com/lists/oss-security/2016/10/14/6
[oss-security] 20161015 Re: CVE request Qemu: dma: rc4030 divide by zero error in set_next_tick
http://www.openwall.com/lists/oss-security/2016/10/15/4
[qemu-devel] 20161012 [PATCH] dma: rc4030: limit interval timer reload value
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02577.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8669
93563
http://www.securityfocus.com/bid/93563
[oss-security] 20161014 CVE request Qemu: char: divide by zero error in serial_update_parameters
http://www.openwall.com/lists/oss-security/2016/10/14/9
[oss-security] 20161015 Re: CVE request Qemu: char: divide by zero error in serial_update_parameters
http://www.openwall.com/lists/oss-security/2016/10/15/5
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3592fe0c919cf27a81d8e9f9b4f269553418bb01
Common Vulnerability Exposure (CVE) ID: CVE-2016-9602
BugTraq ID: 95461
http://www.securityfocus.com/bid/95461
https://security.gentoo.org/glsa/201704-01
http://www.openwall.com/lists/oss-security/2017/01/17/12
https://lists.gnu.org/archive/html/qemu-devel/2017-01/msg06225.html
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04347.html
http://www.securitytracker.com/id/1037604
Common Vulnerability Exposure (CVE) ID: CVE-2016-9603
BugTraq ID: 96893
http://www.securityfocus.com/bid/96893
https://security.gentoo.org/glsa/201706-03
https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html
RedHat Security Advisories: RHSA-2017:0980
https://access.redhat.com/errata/RHSA-2017:0980
RedHat Security Advisories: RHSA-2017:0981
https://access.redhat.com/errata/RHSA-2017:0981
RedHat Security Advisories: RHSA-2017:0982
https://access.redhat.com/errata/RHSA-2017:0982
RedHat Security Advisories: RHSA-2017:0983
https://access.redhat.com/errata/RHSA-2017:0983
RedHat Security Advisories: RHSA-2017:0984
https://access.redhat.com/errata/RHSA-2017:0984
RedHat Security Advisories: RHSA-2017:0985
https://access.redhat.com/errata/RHSA-2017:0985
RedHat Security Advisories: RHSA-2017:0987
https://access.redhat.com/errata/RHSA-2017:0987
RedHat Security Advisories: RHSA-2017:0988
https://access.redhat.com/errata/RHSA-2017:0988
RedHat Security Advisories: RHSA-2017:1205
https://access.redhat.com/errata/RHSA-2017:1205
RedHat Security Advisories: RHSA-2017:1206
https://access.redhat.com/errata/RHSA-2017:1206
RedHat Security Advisories: RHSA-2017:1441
https://access.redhat.com/errata/RHSA-2017:1441
http://www.securitytracker.com/id/1038023
Common Vulnerability Exposure (CVE) ID: CVE-2016-9776
94638
http://www.securityfocus.com/bid/94638
GLSA-201701-49
https://security.gentoo.org/glsa/201701-49
[oss-security] 20161202 CVE request Qemu: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive
http://www.openwall.com/lists/oss-security/2016/12/02/3
[oss-security] 20161202 Re: CVE request Qemu: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive
http://www.openwall.com/lists/oss-security/2016/12/02/8
[qemu-devel] 20161130 [PATCH] net: mcf: check receive buffer size register value
https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05324.html
https://bugzilla.redhat.com/show_bug.cgi?id=1400829
Common Vulnerability Exposure (CVE) ID: CVE-2016-9907
94759
http://www.securityfocus.com/bid/94759
[oss-security] 20161208 Re: CVE request Qemu: usb: redirector: memory leakage when destroying
http://www.openwall.com/lists/oss-security/2016/12/08/3
Common Vulnerability Exposure (CVE) ID: CVE-2016-9911
94762
http://www.securityfocus.com/bid/94762
[oss-security] 20161208 Re: CVE request: Qemu: usb: ehci: memory leakage in ehci_init_transfer
http://www.openwall.com/lists/oss-security/2016/12/08/5
Common Vulnerability Exposure (CVE) ID: CVE-2016-9914
94729
http://www.securityfocus.com/bid/94729
[oss-security] 20161207 CVE request Qemu: 9pfs: memory leakage via proxy/handle callbacks
http://www.openwall.com/lists/oss-security/2016/12/06/11
[oss-security] 20161208 Re: CVE request Qemu: 9pfs: memory leakage via proxy/handle callbacks
http://www.openwall.com/lists/oss-security/2016/12/08/7
[qemu-devel] 20161116 [PATCH v3 0/4] 9pfs: add cleanup operation in handle/proxy backend
https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=702dbcc274e2ca43be20ba64c758c0ca57dab91d
Common Vulnerability Exposure (CVE) ID: CVE-2016-9915
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=971f406b77a6eb84e0ad27dcc416b663765aee30
Common Vulnerability Exposure (CVE) ID: CVE-2016-9916
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=898ae90a44551d25b8e956fd87372d303c82fe68
Common Vulnerability Exposure (CVE) ID: CVE-2016-9921
94803
http://www.securityfocus.com/bid/94803
[oss-security] 20161209 Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy
http://www.openwall.com/lists/oss-security/2016/12/09/1
Common Vulnerability Exposure (CVE) ID: CVE-2016-9922
[qemu-devel] 20161205 [PULL 4/4] display: cirrus: check vga bits per pixel(bpp) value
https://lists.gnu.org/archive/html/qemu-devel/2016-12/msg00442.html
http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=4299b90e9ba9ce5ca9024572804ba751aa1a7e70
https://bugzilla.redhat.com/show_bug.cgi?id=1334398
Common Vulnerability Exposure (CVE) ID: CVE-2017-10806
BugTraq ID: 99475
http://www.securityfocus.com/bid/99475
Debian Security Information: DSA-3925 (Google Search)
http://www.debian.org/security/2017/dsa-3925
http://www.openwall.com/lists/oss-security/2017/07/07/1
https://lists.nongnu.org/archive/html/qemu-devel/2017-05/msg03087.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-10911
BugTraq ID: 99162
http://www.securityfocus.com/bid/99162
Debian Security Information: DSA-3920 (Google Search)
http://www.debian.org/security/2017/dsa-3920
Debian Security Information: DSA-3927 (Google Search)
http://www.debian.org/security/2017/dsa-3927
Debian Security Information: DSA-3945 (Google Search)
http://www.debian.org/security/2017/dsa-3945
https://security.gentoo.org/glsa/201708-03
http://www.securitytracker.com/id/1038720
Common Vulnerability Exposure (CVE) ID: CVE-2017-11434
BugTraq ID: 99923
http://www.securityfocus.com/bid/99923
http://www.openwall.com/lists/oss-security/2017/07/19/2
https://lists.gnu.org/archive/html/qemu-devel/2017-07/msg05001.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-14167
BugTraq ID: 100694
http://www.securityfocus.com/bid/100694
Debian Security Information: DSA-3991 (Google Search)
http://www.debian.org/security/2017/dsa-3991
http://www.openwall.com/lists/oss-security/2017/09/07/2
https://lists.nongnu.org/archive/html/qemu-devel/2017-09/msg01032.html
RedHat Security Advisories: RHSA-2017:3368
https://access.redhat.com/errata/RHSA-2017:3368
RedHat Security Advisories: RHSA-2017:3369
https://access.redhat.com/errata/RHSA-2017:3369
RedHat Security Advisories: RHSA-2017:3466
https://access.redhat.com/errata/RHSA-2017:3466
RedHat Security Advisories: RHSA-2017:3470
https://access.redhat.com/errata/RHSA-2017:3470
RedHat Security Advisories: RHSA-2017:3471
https://access.redhat.com/errata/RHSA-2017:3471
RedHat Security Advisories: RHSA-2017:3472
https://access.redhat.com/errata/RHSA-2017:3472
RedHat Security Advisories: RHSA-2017:3473
https://access.redhat.com/errata/RHSA-2017:3473
RedHat Security Advisories: RHSA-2017:3474
https://access.redhat.com/errata/RHSA-2017:3474
https://usn.ubuntu.com/3575-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-15038
Debian Security Information: DSA-4213 (Google Search)
https://www.debian.org/security/2018/dsa-4213
http://www.openwall.com/lists/oss-security/2017/10/06/1
https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg00729.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-15289
BugTraq ID: 101262
http://www.securityfocus.com/bid/101262
http://www.openwall.com/lists/oss-security/2017/10/12/16
https://lists.gnu.org/archive/html/qemu-devel/2017-10/msg02557.html
RedHat Security Advisories: RHSA-2018:0516
https://access.redhat.com/errata/RHSA-2018:0516
Common Vulnerability Exposure (CVE) ID: CVE-2017-16845
BugTraq ID: 101923
http://www.securityfocus.com/bid/101923
https://lists.gnu.org/archive/html/qemu-devel/2017-11/msg02982.html
https://usn.ubuntu.com/3649-1/
Common Vulnerability Exposure (CVE) ID: CVE-2017-18030
BugTraq ID: 102520
http://www.securityfocus.com/bid/102520
http://www.openwall.com/lists/oss-security/2018/01/15/3
Common Vulnerability Exposure (CVE) ID: CVE-2017-18043
BugTraq ID: 102759
http://www.securityfocus.com/bid/102759
http://www.openwall.com/lists/oss-security/2018/01/19/1
Common Vulnerability Exposure (CVE) ID: CVE-2017-2615
1037804
http://www.securitytracker.com/id/1037804
95990
http://www.securityfocus.com/bid/95990
GLSA-201702-27
https://security.gentoo.org/glsa/201702-27
GLSA-201702-28
RHSA-2017:0309
http://rhn.redhat.com/errata/RHSA-2017-0309.html
RHSA-2017:0328
http://rhn.redhat.com/errata/RHSA-2017-0328.html
RHSA-2017:0329
http://rhn.redhat.com/errata/RHSA-2017-0329.html
RHSA-2017:0330
http://rhn.redhat.com/errata/RHSA-2017-0330.html
RHSA-2017:0331
http://rhn.redhat.com/errata/RHSA-2017-0331.html
RHSA-2017:0332
http://rhn.redhat.com/errata/RHSA-2017-0332.html
RHSA-2017:0333
http://rhn.redhat.com/errata/RHSA-2017-0333.html
RHSA-2017:0334
http://rhn.redhat.com/errata/RHSA-2017-0334.html
RHSA-2017:0344
http://rhn.redhat.com/errata/RHSA-2017-0344.html
RHSA-2017:0350
http://rhn.redhat.com/errata/RHSA-2017-0350.html
RHSA-2017:0396
http://rhn.redhat.com/errata/RHSA-2017-0396.html
RHSA-2017:0454
http://rhn.redhat.com/errata/RHSA-2017-0454.html
[oss-security] 20170201 CVE-2017-2615 Qemu: display: cirrus: oob access while doing bitblt copy backward mode
http://www.openwall.com/lists/oss-security/2017/02/01/6
[qemu-devel] 20170201 [PATCH v3] cirrus: fix oob access issue (CVE-2017-2615)
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615
https://support.citrix.com/article/CTX220771
Common Vulnerability Exposure (CVE) ID: CVE-2017-2620
BugTraq ID: 96378
http://www.securityfocus.com/bid/96378
https://security.gentoo.org/glsa/201703-07
http://www.openwall.com/lists/oss-security/2017/02/21/1
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html
RedHat Security Advisories: RHSA-2017:0328
RedHat Security Advisories: RHSA-2017:0329
RedHat Security Advisories: RHSA-2017:0330
RedHat Security Advisories: RHSA-2017:0331
RedHat Security Advisories: RHSA-2017:0332
RedHat Security Advisories: RHSA-2017:0333
RedHat Security Advisories: RHSA-2017:0334
RedHat Security Advisories: RHSA-2017:0350
RedHat Security Advisories: RHSA-2017:0351
http://rhn.redhat.com/errata/RHSA-2017-0351.html
RedHat Security Advisories: RHSA-2017:0352
http://rhn.redhat.com/errata/RHSA-2017-0352.html
RedHat Security Advisories: RHSA-2017:0396
RedHat Security Advisories: RHSA-2017:0454
http://www.securitytracker.com/id/1037870
Common Vulnerability Exposure (CVE) ID: CVE-2017-5525
95671
http://www.securityfocus.com/bid/95671
[oss-security] 20170118 CVE request Qemu: audio: memory leakage in ac97 device
http://www.openwall.com/lists/oss-security/2017/01/17/19
[oss-security] 20170118 Re: CVE request Qemu: audio: memory leakage in ac97 device
http://www.openwall.com/lists/oss-security/2017/01/18/7
http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=12351a91da97b414eec8cdb09f1d9f41e535a401
Common Vulnerability Exposure (CVE) ID: CVE-2017-5526
95669
http://www.securityfocus.com/bid/95669
[oss-security] 20170118 CVE request Qemu: audio: memory leakage in es1370 device
http://www.openwall.com/lists/oss-security/2017/01/18/1
[oss-security] 20170118 Re: CVE request Qemu: audio: memory leakage in es1370 device
http://www.openwall.com/lists/oss-security/2017/01/18/8
http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da
Common Vulnerability Exposure (CVE) ID: CVE-2017-5579
95780
http://www.securityfocus.com/bid/95780
[oss-security] 20170124 CVE request Qemu: serial: host memory leakage in 16550A UART emulation
http://www.openwall.com/lists/oss-security/2017/01/24/8
[oss-security] 20170125 Re: CVE request Qemu: serial: host memory leakage in 16550A UART emulation
http://www.openwall.com/lists/oss-security/2017/01/25/3
http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b
Common Vulnerability Exposure (CVE) ID: CVE-2017-5667
95885
http://www.securityfocus.com/bid/95885
[oss-security] 20170130 CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
http://www.openwall.com/lists/oss-security/2017/01/30/2
[oss-security] 20170131 Re: CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
http://www.openwall.com/lists/oss-security/2017/01/31/10
[oss-security] 20170212 Re: Re: CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
http://www.openwall.com/lists/oss-security/2017/02/12/1
http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
https://bugzilla.redhat.com/show_bug.cgi?id=1417559
Common Vulnerability Exposure (CVE) ID: CVE-2017-5715
BugTraq ID: 102376
http://www.securityfocus.com/bid/102376
Bugtraq: 20190624 [SECURITY] [DSA 4469-1] libvirt security update (Google Search)
https://seclists.org/bugtraq/2019/Jun/36
Bugtraq: 20191112 FreeBSD Security Advisory FreeBSD-SA-19:26.mcu (Google Search)
https://seclists.org/bugtraq/2019/Nov/16
CERT/CC vulnerability note: VU#180049
https://www.kb.cert.org/vuls/id/180049
CERT/CC vulnerability note: VU#584653
http://www.kb.cert.org/vuls/id/584653
Cisco Security Advisory: 20180104 CPU Side-Channel Information Disclosure Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
Debian Security Information: DSA-4120 (Google Search)
https://www.debian.org/security/2018/dsa-4120
Debian Security Information: DSA-4187 (Google Search)
https://www.debian.org/security/2018/dsa-4187
Debian Security Information: DSA-4188 (Google Search)
https://www.debian.org/security/2018/dsa-4188
https://www.exploit-db.com/exploits/43427/
FreeBSD Security Advisory: FreeBSD-SA-19:26
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:03.speculative_execution.asc
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:26.mcu.asc
https://security.gentoo.org/glsa/201810-06
http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html
http://packetstormsecurity.com/files/155281/FreeBSD-Security-Advisory-FreeBSD-SA-19-26.mcu.html
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
https://spectreattack.com/
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
https://lists.debian.org/debian-lts-announce/2018/09/msg00017.html
https://lists.debian.org/debian-lts-announce/2020/03/msg00025.html
https://lists.debian.org/debian-lts-announce/2021/08/msg00019.html
RedHat Security Advisories: RHSA-2018:0292
https://access.redhat.com/errata/RHSA-2018:0292
http://www.securitytracker.com/id/1040071
SuSE Security Announcement: SUSE-SU-2018:0006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00002.html
SuSE Security Announcement: SUSE-SU-2018:0007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00003.html
SuSE Security Announcement: SUSE-SU-2018:0008 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html
SuSE Security Announcement: SUSE-SU-2018:0009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00005.html
SuSE Security Announcement: SUSE-SU-2018:0010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
SuSE Security Announcement: SUSE-SU-2018:0011 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
SuSE Security Announcement: SUSE-SU-2018:0012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
SuSE Security Announcement: SUSE-SU-2018:0019 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00012.html
SuSE Security Announcement: SUSE-SU-2018:0020 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00013.html
SuSE Security Announcement: openSUSE-SU-2018:0013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00009.html
SuSE Security Announcement: openSUSE-SU-2018:0022 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
SuSE Security Announcement: openSUSE-SU-2018:0023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
https://usn.ubuntu.com/usn/usn-3516-1/
https://usn.ubuntu.com/3531-1/
https://usn.ubuntu.com/3531-3/
https://usn.ubuntu.com/3540-2/
https://usn.ubuntu.com/3541-2/
https://usn.ubuntu.com/3542-2/
https://usn.ubuntu.com/3549-1/
https://usn.ubuntu.com/3560-1/
https://usn.ubuntu.com/3561-1/
https://usn.ubuntu.com/3580-1/
https://usn.ubuntu.com/3581-1/
https://usn.ubuntu.com/3581-2/
https://usn.ubuntu.com/3582-1/
https://usn.ubuntu.com/3582-2/
https://usn.ubuntu.com/3594-1/
https://usn.ubuntu.com/3597-1/
https://usn.ubuntu.com/3597-2/
https://usn.ubuntu.com/3620-2/
https://usn.ubuntu.com/3690-1/
https://usn.ubuntu.com/3777-3/
Common Vulnerability Exposure (CVE) ID: CVE-2017-5856
95999
http://www.securityfocus.com/bid/95999
[oss-security] 20170201 CVE request Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd
http://www.openwall.com/lists/oss-security/2017/02/01/19
[oss-security] 20170202 Re: CVE request Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd
http://www.openwall.com/lists/oss-security/2017/02/02/14
http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3
https://bugzilla.redhat.com/show_bug.cgi?id=1418342
Common Vulnerability Exposure (CVE) ID: CVE-2017-5973
BugTraq ID: 96220
http://www.securityfocus.com/bid/96220
http://www.openwall.com/lists/oss-security/2017/02/13/11
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg01101.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-5987
BugTraq ID: 96263
http://www.securityfocus.com/bid/96263
http://www.openwall.com/lists/oss-security/2017/02/14/8
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg02776.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-6505
BugTraq ID: 96611
http://www.securityfocus.com/bid/96611
http://www.openwall.com/lists/oss-security/2017/03/06/6
Common Vulnerability Exposure (CVE) ID: CVE-2017-7377
BugTraq ID: 97319
http://www.securityfocus.com/bid/97319
http://www.openwall.com/lists/oss-security/2017/04/03/2
https://lists.gnu.org/archive/html/qemu-devel/2017-03/msg05449.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-7493
98574
http://www.securityfocus.com/bid/98574
GLSA-201706-03
[oss-security] 20170517 CVE-2017-7493 Qemu: 9pfs: guest privilege escalation in virtfs mapped-file mode
http://seclists.org/oss-sec/2017/q2/278
[qemu-devel] 20170516 [PULL] 9pfs: local: forbid client access to metadata (CVE-2017-7493)
https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg03663.html
https://bugzilla.redhat.com/show_bug.cgi?id=1451709
Common Vulnerability Exposure (CVE) ID: CVE-2017-7718
BugTraq ID: 97957
http://www.securityfocus.com/bid/97957
http://www.openwall.com/lists/oss-security/2017/04/19/4
RedHat Security Advisories: RHSA-2017:1430
https://access.redhat.com/errata/RHSA-2017:1430
RedHat Security Advisories: RHSA-2017:1431
https://access.redhat.com/errata/RHSA-2017:1431
Common Vulnerability Exposure (CVE) ID: CVE-2017-7980
BugTraq ID: 102129
http://www.securityfocus.com/bid/102129
BugTraq ID: 97955
http://www.securityfocus.com/bid/97955
http://www.openwall.com/lists/oss-security/2017/04/21/1
http://ubuntu.com/usn/usn-3289-1
Common Vulnerability Exposure (CVE) ID: CVE-2017-8086
BugTraq ID: 98012
http://www.securityfocus.com/bid/98012
http://www.openwall.com/lists/oss-security/2017/04/25/5
https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg01636.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-8112
BugTraq ID: 98015
http://www.securityfocus.com/bid/98015
http://www.openwall.com/lists/oss-security/2017/04/26/5
https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-8309
BugTraq ID: 98302
http://www.securityfocus.com/bid/98302
https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05587.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-8379
BugTraq ID: 98277
http://www.securityfocus.com/bid/98277
http://www.openwall.com/lists/oss-security/2017/05/03/2
https://lists.gnu.org/archive/html/qemu-devel/2017-04/msg05599.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-9330
BugTraq ID: 98779
http://www.securityfocus.com/bid/98779
http://www.openwall.com/lists/oss-security/2017/06/01/3
Common Vulnerability Exposure (CVE) ID: CVE-2017-9373
BugTraq ID: 98921
http://www.securityfocus.com/bid/98921
http://www.openwall.com/lists/oss-security/2017/06/05/1
Common Vulnerability Exposure (CVE) ID: CVE-2017-9374
BugTraq ID: 98905
http://www.securityfocus.com/bid/98905
http://www.openwall.com/lists/oss-security/2017/06/06/3
Common Vulnerability Exposure (CVE) ID: CVE-2017-9503
BugTraq ID: 99010
http://www.securityfocus.com/bid/99010
https://lists.debian.org/debian-lts-announce/2020/07/msg00020.html
http://www.openwall.com/lists/oss-security/2017/06/08/1
https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01309.html
https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg01313.html
Common Vulnerability Exposure (CVE) ID: CVE-2018-5683
BugTraq ID: 102518
http://www.securityfocus.com/bid/102518
https://lists.gnu.org/archive/html/qemu-devel/2018-01/msg02597.html
http://www.openwall.com/lists/oss-security/2018/01/15/2
RedHat Security Advisories: RHSA-2018:0816
https://access.redhat.com/errata/RHSA-2018:0816
RedHat Security Advisories: RHSA-2018:1104
https://access.redhat.com/errata/RHSA-2018:1104
RedHat Security Advisories: RHSA-2018:2162
https://access.redhat.com/errata/RHSA-2018:2162
Common Vulnerability Exposure (CVE) ID: CVE-2018-7550
BugTraq ID: 103181
http://www.securityfocus.com/bid/103181
https://github.com/orangecertcc/security-research/security/advisories/GHSA-f49v-45qp-cv53
https://lists.debian.org/debian-lts-announce/2018/04/msg00015.html
https://lists.debian.org/debian-lts-announce/2018/04/msg00016.html
https://lists.gnu.org/archive/html/qemu-devel/2018-02/msg06890.html
RedHat Security Advisories: RHSA-2018:1369
https://access.redhat.com/errata/RHSA-2018:1369
RedHat Security Advisories: RHSA-2018:2462
https://access.redhat.com/errata/RHSA-2018:2462
CopyrightCopyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.