Red Hat Security Advisory 2017-0621-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance.
5df48be0076ba6570122f9d535844bf11965e06ce3af382946e0d5a48b7e6d85
Red Hat Security Advisory 2016-2585-02 - Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance.
66556667bcdaedde71ce46eb068e1ab81d9f9e58d4430bb85f45454d38d4f155
Ubuntu Security Notice 2974-1 - Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak host memory bytes. Various other issues were also addressed.
17f7d26242cade4510f2fd199babbc3cc8a952a96c7f7115e5543fef485ef4eb
Debian Linux Security Advisory 3573-1 - Several vulnerabilities were discovered in qemu, a fast processor emulator.
ea5934b536467bc16729efc5389784740b9b6f8acd08cb5cd7bc14e55dc055c9