English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 150599 CVE descriptions
and 73533 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.891599
Category:Debian Local Security Checks
Title:Debian LTS Advisory ([SECURITY] [DLA 1599-1] qemu security update)
Summary:Several vulnerabilities were found in QEMU, a fast processor emulator:;;CVE-2016-2391;;Zuozhi Fzz discovered that eof_times in USB OHCI emulation support;could be used to cause a denial of service, via a null pointer;dereference.;;CVE-2016-2392 / CVE-2016-2538;;Qinghao Tang found a NULL pointer dereference and multiple integer;overflows in the USB Net device support that could allow local guest;OS administrators to cause a denial of service. These issues related;to remote NDIS control message handling.;;CVE-2016-2841;;Yang Hongke reported an infinite loop vulnerability in the NE2000 NIC;emulation support.;;CVE-2016-2857;;Liu Ling found a flaw in QEMU IP checksum routines. Attackers could;take advantage of this issue to cause QEMU to crash.;;CVE-2016-2858;;Arbitrary stack based allocation in the Pseudo Random Number Generator;(PRNG) back-end support.;;Description truncated. Please see the references for more information.
Description:Summary:
Several vulnerabilities were found in QEMU, a fast processor emulator:

CVE-2016-2391

Zuozhi Fzz discovered that eof_times in USB OHCI emulation support
could be used to cause a denial of service, via a null pointer
dereference.

CVE-2016-2392 / CVE-2016-2538

Qinghao Tang found a NULL pointer dereference and multiple integer
overflows in the USB Net device support that could allow local guest
OS administrators to cause a denial of service. These issues related
to remote NDIS control message handling.

CVE-2016-2841

Yang Hongke reported an infinite loop vulnerability in the NE2000 NIC
emulation support.

CVE-2016-2857

Liu Ling found a flaw in QEMU IP checksum routines. Attackers could
take advantage of this issue to cause QEMU to crash.

CVE-2016-2858

Arbitrary stack based allocation in the Pseudo Random Number Generator
(PRNG) back-end support.

Description truncated. Please see the references for more information.

Affected Software/OS:
qemu on Debian Linux

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
1:2.1+dfsg-12+deb8u8.

We recommend that you upgrade your qemu packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-2391
BugTraq ID: 83263
http://www.securityfocus.com/bid/83263
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
http://www.openwall.com/lists/oss-security/2016/02/16/2
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03374.html
http://www.ubuntu.com/usn/USN-2974-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-2392
BugTraq ID: 83274
http://www.securityfocus.com/bid/83274
https://security.gentoo.org/glsa/201604-01
http://www.openwall.com/lists/oss-security/2016/02/16/7
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg02553.html
http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2538
BugTraq ID: 83336
http://www.securityfocus.com/bid/83336
http://www.openwall.com/lists/oss-security/2016/02/22/3
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03658.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2841
BugTraq ID: 84028
http://www.securityfocus.com/bid/84028
https://security.gentoo.org/glsa/201609-01
http://www.openwall.com/lists/oss-security/2016/03/02/8
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg06126.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2857
BugTraq ID: 84130
http://www.securityfocus.com/bid/84130
http://www.openwall.com/lists/oss-security/2016/03/03/9
http://www.openwall.com/lists/oss-security/2016/03/07/3
RedHat Security Advisories: RHSA-2016:2670
http://rhn.redhat.com/errata/RHSA-2016-2670.html
RedHat Security Advisories: RHSA-2016:2671
http://rhn.redhat.com/errata/RHSA-2016-2671.html
RedHat Security Advisories: RHSA-2016:2704
http://rhn.redhat.com/errata/RHSA-2016-2704.html
RedHat Security Advisories: RHSA-2016:2705
http://rhn.redhat.com/errata/RHSA-2016-2705.html
RedHat Security Advisories: RHSA-2016:2706
http://rhn.redhat.com/errata/RHSA-2016-2706.html
RedHat Security Advisories: RHSA-2017:0083
http://rhn.redhat.com/errata/RHSA-2017-0083.html
RedHat Security Advisories: RHSA-2017:0309
http://rhn.redhat.com/errata/RHSA-2017-0309.html
RedHat Security Advisories: RHSA-2017:0334
http://rhn.redhat.com/errata/RHSA-2017-0334.html
RedHat Security Advisories: RHSA-2017:0344
http://rhn.redhat.com/errata/RHSA-2017-0344.html
RedHat Security Advisories: RHSA-2017:0350
http://rhn.redhat.com/errata/RHSA-2017-0350.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2858
BugTraq ID: 84134
http://www.securityfocus.com/bid/84134
http://www.openwall.com/lists/oss-security/2016/03/04/1
http://www.openwall.com/lists/oss-security/2016/03/07/4
Common Vulnerability Exposure (CVE) ID: CVE-2016-4001
BugTraq ID: 85976
http://www.securityfocus.com/bid/85976
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html
http://www.openwall.com/lists/oss-security/2016/04/11/4
http://www.openwall.com/lists/oss-security/2016/04/12/6
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01334.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4002
BugTraq ID: 85992
http://www.securityfocus.com/bid/85992
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01131.html
http://www.openwall.com/lists/oss-security/2016/04/11/6
http://www.openwall.com/lists/oss-security/2016/04/12/7
Common Vulnerability Exposure (CVE) ID: CVE-2016-4020
BugTraq ID: 86067
http://www.securityfocus.com/bid/86067
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01118.html
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01106.html
RedHat Security Advisories: RHSA-2017:1856
https://access.redhat.com/errata/RHSA-2017:1856
RedHat Security Advisories: RHSA-2017:2392
https://access.redhat.com/errata/RHSA-2017:2392
RedHat Security Advisories: RHSA-2017:2408
https://access.redhat.com/errata/RHSA-2017:2408
Common Vulnerability Exposure (CVE) ID: CVE-2016-4037
BugTraq ID: 86283
http://www.securityfocus.com/bid/86283
http://www.openwall.com/lists/oss-security/2016/04/18/3
http://www.openwall.com/lists/oss-security/2016/04/18/6
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02734.html
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02691.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4439
BugTraq ID: 90760
http://www.securityfocus.com/bid/90760
http://www.openwall.com/lists/oss-security/2016/05/19/3
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03273.html
http://www.ubuntu.com/usn/USN-3047-1
http://www.ubuntu.com/usn/USN-3047-2
Common Vulnerability Exposure (CVE) ID: CVE-2016-4441
BugTraq ID: 90762
http://www.securityfocus.com/bid/90762
http://www.openwall.com/lists/oss-security/2016/05/19/4
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03274.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4453
BugTraq ID: 90928
http://www.securityfocus.com/bid/90928
http://www.openwall.com/lists/oss-security/2016/05/30/2
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05270.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4454
BugTraq ID: 90927
http://www.securityfocus.com/bid/90927
http://www.openwall.com/lists/oss-security/2016/05/30/3
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4952
http://www.openwall.com/lists/oss-security/2016/05/23/1
http://www.openwall.com/lists/oss-security/2016/05/23/4
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03774.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5105
http://www.openwall.com/lists/oss-security/2016/05/25/5
http://www.openwall.com/lists/oss-security/2016/05/26/7
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04419.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5106
http://www.openwall.com/lists/oss-security/2016/05/25/6
http://www.openwall.com/lists/oss-security/2016/05/26/8
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5107
BugTraq ID: 90874
http://www.securityfocus.com/bid/90874
http://www.openwall.com/lists/oss-security/2016/05/25/7
http://www.openwall.com/lists/oss-security/2016/05/26/9
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04424.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5238
BugTraq ID: 90995
http://www.securityfocus.com/bid/90995
http://www.openwall.com/lists/oss-security/2016/06/02/2
http://www.openwall.com/lists/oss-security/2016/06/02/9
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05691.html
https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg00150.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5337
BugTraq ID: 91097
http://www.securityfocus.com/bid/91097
http://www.openwall.com/lists/oss-security/2016/06/08/3
http://www.openwall.com/lists/oss-security/2016/06/08/13
https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5338
BugTraq ID: 91079
http://www.securityfocus.com/bid/91079
http://www.openwall.com/lists/oss-security/2016/06/07/3
http://www.openwall.com/lists/oss-security/2016/06/08/14
https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-6351
BugTraq ID: 92119
http://www.securityfocus.com/bid/92119
http://www.openwall.com/lists/oss-security/2016/07/25/14
http://www.openwall.com/lists/oss-security/2016/07/26/7
Common Vulnerability Exposure (CVE) ID: CVE-2016-6834
BugTraq ID: 92446
http://www.securityfocus.com/bid/92446
http://www.openwall.com/lists/oss-security/2016/08/11/8
http://www.openwall.com/lists/oss-security/2016/08/18/7
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-6836
BugTraq ID: 92444
http://www.securityfocus.com/bid/92444
http://www.openwall.com/lists/oss-security/2016/08/11/5
http://www.openwall.com/lists/oss-security/2016/08/18/5
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02108.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-6888
BugTraq ID: 92556
http://www.securityfocus.com/bid/92556
http://www.openwall.com/lists/oss-security/2016/08/19/6
http://www.openwall.com/lists/oss-security/2016/08/19/10
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg03176.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7116
BugTraq ID: 92680
http://www.securityfocus.com/bid/92680
http://www.openwall.com/lists/oss-security/2016/08/30/1
http://www.openwall.com/lists/oss-security/2016/08/30/3
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg03917.html
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04231.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7155
BugTraq ID: 92772
http://www.securityfocus.com/bid/92772
http://www.openwall.com/lists/oss-security/2016/09/06/2
http://www.openwall.com/lists/oss-security/2016/09/07/1
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00050.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7156
BugTraq ID: 92774
http://www.securityfocus.com/bid/92774
http://www.openwall.com/lists/oss-security/2016/09/06/3
http://www.openwall.com/lists/oss-security/2016/09/07/2
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00772.html
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01246.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7161
BugTraq ID: 93141
http://www.securityfocus.com/bid/93141
https://security.gentoo.org/glsa/201611-11
http://www.openwall.com/lists/oss-security/2016/09/23/6
http://www.openwall.com/lists/oss-security/2016/09/23/8
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01598.html
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01877.html
SuSE Security Announcement: openSUSE-SU-2016:3237 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7170
BugTraq ID: 92904
http://www.securityfocus.com/bid/92904
http://www.openwall.com/lists/oss-security/2016/09/09/4
http://www.openwall.com/lists/oss-security/2016/09/09/7
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7421
BugTraq ID: 92998
http://www.securityfocus.com/bid/92998
http://www.openwall.com/lists/oss-security/2016/09/16/3
http://www.openwall.com/lists/oss-security/2016/09/16/9
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03609.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7908
BugTraq ID: 93273
http://www.securityfocus.com/bid/93273
http://www.openwall.com/lists/oss-security/2016/10/03/2
http://www.openwall.com/lists/oss-security/2016/10/03/5
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7909
BugTraq ID: 93275
http://www.securityfocus.com/bid/93275
http://www.openwall.com/lists/oss-security/2016/10/03/3
http://www.openwall.com/lists/oss-security/2016/10/03/6
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8577
BugTraq ID: 93473
http://www.securityfocus.com/bid/93473
http://www.openwall.com/lists/oss-security/2016/10/10/7
http://www.openwall.com/lists/oss-security/2016/10/10/13
Common Vulnerability Exposure (CVE) ID: CVE-2016-8578
BugTraq ID: 93474
http://www.securityfocus.com/bid/93474
http://www.openwall.com/lists/oss-security/2016/10/10/8
http://www.openwall.com/lists/oss-security/2016/10/10/14
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8909
BugTraq ID: 93842
http://www.securityfocus.com/bid/93842
http://www.openwall.com/lists/oss-security/2016/10/24/1
http://www.openwall.com/lists/oss-security/2016/10/24/4
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04682.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8910
BugTraq ID: 93844
http://www.securityfocus.com/bid/93844
http://www.openwall.com/lists/oss-security/2016/10/24/2
http://www.openwall.com/lists/oss-security/2016/10/24/5
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9101
BugTraq ID: 93957
http://www.securityfocus.com/bid/93957
https://security.gentoo.org/glsa/201701-49
http://www.openwall.com/lists/oss-security/2016/10/27/14
http://www.openwall.com/lists/oss-security/2016/10/30/5
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg03024.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9102
BugTraq ID: 93962
http://www.securityfocus.com/bid/93962
http://www.openwall.com/lists/oss-security/2016/10/27/15
http://www.openwall.com/lists/oss-security/2016/10/30/6
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01861.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9103
BugTraq ID: 93955
http://www.securityfocus.com/bid/93955
http://www.openwall.com/lists/oss-security/2016/10/28/1
http://www.openwall.com/lists/oss-security/2016/10/30/7
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9104
BugTraq ID: 93956
http://www.securityfocus.com/bid/93956
http://www.openwall.com/lists/oss-security/2016/10/28/2
http://www.openwall.com/lists/oss-security/2016/10/30/8
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9105
BugTraq ID: 93965
http://www.securityfocus.com/bid/93965
http://www.openwall.com/lists/oss-security/2016/10/28/3
http://www.openwall.com/lists/oss-security/2016/10/30/9
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9106
BugTraq ID: 93964
http://www.securityfocus.com/bid/93964
http://www.openwall.com/lists/oss-security/2016/10/28/4
http://www.openwall.com/lists/oss-security/2016/10/30/10
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
CopyrightCopyright (c) 2018 Greenbone Networks GmbH http://greenbone.net

This is only one of 73533 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.