Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Virtualization
(Redhat)Repositories |
• https://github.com/torvalds/linux
• git://git.openssl.org/openssl.git • https://github.com/qos-ch/slf4j • https://github.com/bcgit/bc-java • https://github.com/rpm-software-management/yum-utils |
#Vulnerabilities | 131 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2016-04-12 | CVE-2016-2857 | The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet. | Ubuntu_linux, Debian_linux, Qemu, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openstack, Virtualization | 8.4 | ||
2016-04-12 | CVE-2016-1568 | Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command. | Debian_linux, Qemu, Openstack, Virtualization | 8.8 | ||
2016-05-25 | CVE-2016-4020 | The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR). | Ubuntu_linux, Debian_linux, Qemu, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openstack, Virtualization | 6.5 | ||
2016-06-01 | CVE-2016-5126 | Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call. | Ubuntu_linux, Debian_linux, Linux, Qemu, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openstack, Virtualization | 7.8 | ||
2016-11-04 | CVE-2016-8576 | The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process. | Debian_linux, Leap, Qemu, Openstack, Virtualization | 6.0 | ||
2016-11-04 | CVE-2016-8909 | The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position. | Debian_linux, Leap, Qemu, Openstack, Virtualization | 6.0 | ||
2016-11-04 | CVE-2016-8669 | The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base. | Debian_linux, Leap, Qemu, Openstack, Virtualization | 6.0 | ||
2016-11-04 | CVE-2016-8910 | The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. | Debian_linux, Leap, Qemu, Openstack, Virtualization | 6.0 | ||
2016-12-10 | CVE-2016-6835 | The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length. | Debian_linux, Qemu, Virtualization | 6.0 | ||
2016-12-10 | CVE-2016-7422 | The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value. | Leap, Qemu, Openstack, Virtualization | 6.0 |