exploitDog

CVE-2017-5526

Опубликовано: 15 мар. 2017

Источник: debian

Описание

Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	1:2.8+dfsg-2		package
qemu	no-dsa		wheezy	package
qemu-kvm	removed			package
qemu-kvm	no-dsa		wheezy	package

Примечания

https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01742.html
https://bugzilla.redhat.com/show_bug.cgi?id=1414209
http://git.qemu.org/?p=qemu.git;a=commit;h=069eb7b2b8fc47c7cb52e5a4af23ea98d939e3da
Sound device hotplug not supported by libvirt

Связанные уязвимости

CVE-2017-5526

CVSS3: 6.5

ubuntu

почти 9 лет назад

Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

CVE-2017-5526

CVSS3: 4.1

redhat

около 9 лет назад

Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

CVE-2017-5526

CVSS3: 6.5

nvd

почти 9 лет назад

Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

SUSE-SU-2017:2751-1

suse-cvrf

больше 8 лет назад

Security update for xen

GHSA-7j76-ppf8-pw3x

CVSS3: 6.5

github

больше 3 лет назад

Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.