Errata ALT-PU-2017-1421-1: Information
Fixes
Published: March 15, 2017
BDU:2017-00646
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Links:
Published: March 15, 2017
BDU:2017-00647
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Links:
Published: March 15, 2017
BDU:2017-00648
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Links:
Published: March 15, 2017
BDU:2017-00649
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Links:
Published: March 15, 2017
BDU:2017-00650
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Links:
Published: March 15, 2017
BDU:2017-00651
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (2.1)
Links:
Published: March 16, 2017
BDU:2017-00652
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Links:
Published: March 16, 2017
BDU:2017-00653
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.9)
Links:
Published: March 16, 2017
BDU:2017-00654
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: LOW (2.1)
Links:
Published: March 20, 2017
BDU:2017-00773
Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
Severity: LOW (2.1)
Links:
Published: March 15, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-5525
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- 95671
- [oss-security] 20170118 Re: CVE request Qemu: audio: memory leakage in ac97 device
- [oss-security] 20170118 CVE request Qemu: audio: memory leakage in ac97 device
- GLSA-201702-28
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=12351a91da97b414eec8cdb09f1d9f41e535a401
Published: March 15, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-5526
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- 95669
- [oss-security] 20170118 Re: CVE request Qemu: audio: memory leakage in es1370 device
- [oss-security] 20170118 CVE request Qemu: audio: memory leakage in es1370 device
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da
Published: March 15, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2017-5552
Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- 95773
- [oss-security] 20170120 Re: CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing
- [oss-security] 20170120 CVE request Qemu: display: virtio-gpu-3d: memory leakage in virgl_resource_attach_backing
- GLSA-201702-28
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=33243031dad02d161225ba99d782616da133f689
Published: March 15, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-5578
Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- 95781
- [oss-security] 20170125 Re: CVE request Qemu: display: virtio-gpu: host memory leakage in virtio_gpu_resource_attach_backing
- [oss-security] 20170123 CVE request Qemu: display: virtio-gpu: host memory leakage in virtio_gpu_resource_attach_backing
- GLSA-201702-28
- http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=204f01b30975923c64006f8067f0937b91eea68b
Published: March 15, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-5579
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- 95780
- [oss-security] 20170125 Re: CVE request Qemu: serial: host memory leakage in 16550A UART emulation
- [oss-security] 20170124 CVE request Qemu: serial: host memory leakage in 16550A UART emulation
- GLSA-201702-28
- RHSA-2017:2408
- RHSA-2017:2392
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=8409dc884a201bf74b30a9d232b6bbdd00cb7e2b
Published: March 16, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-5667
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=1417559
- [oss-security] 20170212 Re: Re: CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
- [oss-security] 20170131 Re: CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
- [oss-security] 20170130 CVE request Qemu: sd: sdhci OOB access during multi block SDMA transfer
- 95885
- GLSA-201702-28
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
Published: March 16, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-5856
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=1418342
- [oss-security] 20170202 Re: CVE request Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd
- [oss-security] 20170201 CVE request Qemu: scsi: megasas: host memory leakage in megasas_handle_dcmd
- 95999
- GLSA-201702-28
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3
Published: March 16, 2017
Modified: Feb. 13, 2023
Modified: Feb. 13, 2023
CVE-2017-5857
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=1418382
- [oss-security] 20170202 Re: CVE request Qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref
- [oss-security] 20170201 CVE request Qemu: display: virtio-gpu-3d: host memory leakage in virgl_cmd_resource_unref
- 95993
- GLSA-201702-28
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=5e8e3c4c75c199aa1017db816fca02be2a9f8798
Published: March 15, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2017-5898
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units (APDU) unit.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- GLSA-201702-28
- https://bugzilla.redhat.com/show_bug.cgi?id=1419699
- 96112
- [oss-security] 20170207 Re: CVE request Qemu: usb: integer overflow in emulated_apdu_from_guest
- SUSE-SU-2017:0582
- SUSE-SU-2017:0570
- RHSA-2017:2392
- RHSA-2017:1856
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=c7dfbf322595ded4e70b626bf83158a9f3807c6a
Published: March 27, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2017-5973
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- [qemu-devel] 20170206 [PATCH] xhci: apply limits to loops
- https://bugzilla.redhat.com/show_bug.cgi?id=1421626
- 96220
- [oss-security] 20170214 CVE-2017-5973 Qemu: usb: infinite loop while doing control transfer in xhci_kick_epctx
- GLSA-201704-01
- RHSA-2017:2408
- RHSA-2017:2392
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=f89b60f6e5fee3923bedf80e82b4e5efc1bb156b
Published: March 20, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2017-5987
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- [qemu-devel] 20170213 Re: [Qemu-devel] [PATCH v3 1/4] sd: sdhci: check transfer mode register in multi block transfer
- https://bugzilla.redhat.com/show_bug.cgi?id=1421995
- 96263
- [oss-security] 20170214 CVE-2017-5987 Qemu: sd: infinite loop issue in multi block transfers
- GLSA-201704-01
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=6e86d90352adf6cb08295255220295cf23c4286e
Published: March 15, 2017
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2017-6505
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.
Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=1429432
- [oss-security] 20170306 CVE-2017-6505 Qemu: usb: an infinite loop issue in ohci_service_ed_list
- 96611
- GLSA-201704-01
- [debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update
- http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=95ed56939eb2eaa4e2f349fe6dcd13ca4edfd8fb