Showing 1 - 3 of 3

CVE-2017-10806

Status Candidate

Overview

Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.

Related Files

Ubuntu Security Notice USN-3414-2: Posted Sep 20, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3414-2 - USN-3414-1 fixed vulnerabilities in QEMU. The patch backport for CVE-2017-9375 was incomplete and caused a regression in the USB xHCI controller emulation support. This update fixes the problem. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. Li Qiang discovered that QEMU incorrectly handled VMWare PVSCSI emulation. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources or crash, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, denial of service, vulnerability; systems | linux, ubuntu; advisories | CVE-2017-10664, CVE-2017-10806, CVE-2017-10911, CVE-2017-11434, CVE-2017-12809, CVE-2017-7493, CVE-2017-8112, CVE-2017-8380, CVE-2017-9060, CVE-2017-9310, CVE-2017-9330, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375, CVE-2017-9503, CVE-2017-9524; MD5 | 92172bfdd6366a35c975fa4e430d2218; Download | Favorite | View

Ubuntu Security Notice USN-3414-1: Posted Sep 14, 2017; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3414-1 - Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. Li Qiang discovered that QEMU incorrectly handled VMWare PVSCSI emulation. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources or crash, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2017-10664, CVE-2017-10806, CVE-2017-10911, CVE-2017-11434, CVE-2017-12809, CVE-2017-7493, CVE-2017-8112, CVE-2017-8380, CVE-2017-9060, CVE-2017-9310, CVE-2017-9330, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375, CVE-2017-9503, CVE-2017-9524; MD5 | 0392d6964c9f9ee67e40b47efe84d6b0; Download | Favorite | View

Debian Security Advisory 3925-1: Posted Aug 6, 2017; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3925-1 - Multiple vulnerabilities were found in qemu, a fast processor emulator.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2017-10806, CVE-2017-11334, CVE-2017-11443, CVE-2017-9524; MD5 | 891c5fec85e89b062c30730376dc45e2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 105 files
malvuln 57 files
Ubuntu 44 files
Erik David Martin 9 files
Jeenali Kothari 6 files
Soham Bakore 6 files
Google Security Research 6 files
Nakul Ratti 5 files
Tushar Vaidya 5 files
Christian Vierschilling 4 files

File Archives

Systems

AIX (421)
Apple (1,774)
BSD (368)
Cisco (1,902)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,040)
HPUX (873)
iOS (284)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,512)
Mac OS X (673)
Mandriva (3,105)
NetBSD (255)
OpenBSD (473)
RedHat (9,733)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,142)
UNIX (8,853)
UnixWare (180)
Windows (5,827)
Other

CVE-2017-10806

Overview

Related Files

File Archive:

March 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems