Vulnerability & Exploit Database

Displaying all 4 entries

Results for: CVE-2017-5856 Back to search

Debian: CVE-2016-9602: qemu-kvm - security update Vulnerability

  • Severity: 9
  • Published: April 20, 2017

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-3261-1:

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU t...

Gentoo Linux: CVE-2017-5856: QEMU: Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: March 16, 2017

Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.

Ubuntu: USN-3261-1 (CVE-2017-5856): QEMU vulnerabilities Vulnerability

  • Severity: 5
  • Published: February 27, 2017

Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.

SUSE: CVE-2017-5856: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: February 27, 2017

Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.