Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-9907

Опубликовано: 23 дек. 2016
Источник: debian

Описание

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qemufixed1:2.8+dfsg-1package
qemunot-affectedwheezypackage
qemu-kvmremovedpackage
qemu-kvmnot-affectedwheezypackage

Примечания

  • https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg01379.html

  • http://git.qemu.org/?p=qemu.git;a=commit;h=07b026fd82d6cf11baf7d7c603c4f5f6070b35bf

  • https://www.openwall.com/lists/oss-security/2016/12/06/3

  • Leakage introduced after 1.2.50: http://git.qemu.org/?p=qemu.git;a=commit;h=fc3f6e1b106abcf6b8cf487ac8f8e5fc2fd86776

Связанные уязвимости

ubuntu логотип

CVE-2016-9907

CVSS3: 6.5
ubuntu
около 9 лет назад

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

redhat логотип

CVE-2016-9907

CVSS3: 3
redhat
больше 9 лет назад

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

nvd логотип

CVE-2016-9907

CVSS3: 6.5
nvd
около 9 лет назад

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

github логотип

GHSA-j9gg-mhrv-x578

CVSS3: 6.5
github
больше 3 лет назад

Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

fstec логотип

BDU:2017-00075

fstec
около 9 лет назад

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность данных