Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.891599
Kategorie:Debian Local Security Checks
Titel:Debian LTS: Security Advisory for qemu (DLA-1599-1)
Zusammenfassung:Several vulnerabilities were found in QEMU, a fast processor emulator:;;CVE-2016-2391;;Zuozhi Fzz discovered that eof_times in USB OHCI emulation support;could be used to cause a denial of service, via a null pointer;dereference.;;CVE-2016-2392 / CVE-2016-2538;;Qinghao Tang found a NULL pointer dereference and multiple integer;overflows in the USB Net device support that could allow local guest;OS administrators to cause a denial of service. These issues related;to remote NDIS control message handling.;;CVE-2016-2841;;Yang Hongke reported an infinite loop vulnerability in the NE2000 NIC;emulation support.;;CVE-2016-2857;;Liu Ling found a flaw in QEMU IP checksum routines. Attackers could;take advantage of this issue to cause QEMU to crash.;;CVE-2016-2858;;Arbitrary stack based allocation in the Pseudo Random Number Generator;(PRNG) back-end support.;;Description truncated. Please see the references for more information.
Beschreibung:Summary:
Several vulnerabilities were found in QEMU, a fast processor emulator:

CVE-2016-2391

Zuozhi Fzz discovered that eof_times in USB OHCI emulation support
could be used to cause a denial of service, via a null pointer
dereference.

CVE-2016-2392 / CVE-2016-2538

Qinghao Tang found a NULL pointer dereference and multiple integer
overflows in the USB Net device support that could allow local guest
OS administrators to cause a denial of service. These issues related
to remote NDIS control message handling.

CVE-2016-2841

Yang Hongke reported an infinite loop vulnerability in the NE2000 NIC
emulation support.

CVE-2016-2857

Liu Ling found a flaw in QEMU IP checksum routines. Attackers could
take advantage of this issue to cause QEMU to crash.

CVE-2016-2858

Arbitrary stack based allocation in the Pseudo Random Number Generator
(PRNG) back-end support.

Description truncated. Please see the references for more information.

Affected Software/OS:
qemu on Debian Linux

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
1:2.1+dfsg-12+deb8u8.

We recommend that you upgrade your qemu packages.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-2391
BugTraq ID: 83263
http://www.securityfocus.com/bid/83263
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
http://www.openwall.com/lists/oss-security/2016/02/16/2
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03374.html
http://www.ubuntu.com/usn/USN-2974-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-2392
BugTraq ID: 83274
http://www.securityfocus.com/bid/83274
https://security.gentoo.org/glsa/201604-01
http://www.openwall.com/lists/oss-security/2016/02/16/7
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg02553.html
http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2538
BugTraq ID: 83336
http://www.securityfocus.com/bid/83336
http://www.openwall.com/lists/oss-security/2016/02/22/3
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03658.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2841
BugTraq ID: 84028
http://www.securityfocus.com/bid/84028
https://security.gentoo.org/glsa/201609-01
http://www.openwall.com/lists/oss-security/2016/03/02/8
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg06126.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2857
BugTraq ID: 84130
http://www.securityfocus.com/bid/84130
http://www.openwall.com/lists/oss-security/2016/03/03/9
http://www.openwall.com/lists/oss-security/2016/03/07/3
RedHat Security Advisories: RHSA-2016:2670
http://rhn.redhat.com/errata/RHSA-2016-2670.html
RedHat Security Advisories: RHSA-2016:2671
http://rhn.redhat.com/errata/RHSA-2016-2671.html
RedHat Security Advisories: RHSA-2016:2704
http://rhn.redhat.com/errata/RHSA-2016-2704.html
RedHat Security Advisories: RHSA-2016:2705
http://rhn.redhat.com/errata/RHSA-2016-2705.html
RedHat Security Advisories: RHSA-2016:2706
http://rhn.redhat.com/errata/RHSA-2016-2706.html
RedHat Security Advisories: RHSA-2017:0083
http://rhn.redhat.com/errata/RHSA-2017-0083.html
RedHat Security Advisories: RHSA-2017:0309
http://rhn.redhat.com/errata/RHSA-2017-0309.html
RedHat Security Advisories: RHSA-2017:0334
http://rhn.redhat.com/errata/RHSA-2017-0334.html
RedHat Security Advisories: RHSA-2017:0344
http://rhn.redhat.com/errata/RHSA-2017-0344.html
RedHat Security Advisories: RHSA-2017:0350
http://rhn.redhat.com/errata/RHSA-2017-0350.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2858
BugTraq ID: 84134
http://www.securityfocus.com/bid/84134
http://www.openwall.com/lists/oss-security/2016/03/04/1
http://www.openwall.com/lists/oss-security/2016/03/07/4
Common Vulnerability Exposure (CVE) ID: CVE-2016-4001
BugTraq ID: 85976
http://www.securityfocus.com/bid/85976
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183275.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184209.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183350.html
http://www.openwall.com/lists/oss-security/2016/04/11/4
http://www.openwall.com/lists/oss-security/2016/04/12/6
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01334.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4002
BugTraq ID: 85992
http://www.securityfocus.com/bid/85992
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01131.html
http://www.openwall.com/lists/oss-security/2016/04/11/6
http://www.openwall.com/lists/oss-security/2016/04/12/7
Common Vulnerability Exposure (CVE) ID: CVE-2016-4020
BugTraq ID: 86067
http://www.securityfocus.com/bid/86067
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01118.html
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg01106.html
RedHat Security Advisories: RHSA-2017:1856
https://access.redhat.com/errata/RHSA-2017:1856
RedHat Security Advisories: RHSA-2017:2392
https://access.redhat.com/errata/RHSA-2017:2392
RedHat Security Advisories: RHSA-2017:2408
https://access.redhat.com/errata/RHSA-2017:2408
Common Vulnerability Exposure (CVE) ID: CVE-2016-4037
BugTraq ID: 86283
http://www.securityfocus.com/bid/86283
http://www.openwall.com/lists/oss-security/2016/04/18/3
http://www.openwall.com/lists/oss-security/2016/04/18/6
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02734.html
https://lists.gnu.org/archive/html/qemu-devel/2016-04/msg02691.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4439
BugTraq ID: 90760
http://www.securityfocus.com/bid/90760
http://www.openwall.com/lists/oss-security/2016/05/19/3
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03273.html
http://www.ubuntu.com/usn/USN-3047-1
http://www.ubuntu.com/usn/USN-3047-2
Common Vulnerability Exposure (CVE) ID: CVE-2016-4441
BugTraq ID: 90762
http://www.securityfocus.com/bid/90762
http://www.openwall.com/lists/oss-security/2016/05/19/4
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03274.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4453
BugTraq ID: 90928
http://www.securityfocus.com/bid/90928
http://www.openwall.com/lists/oss-security/2016/05/30/2
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05270.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4454
BugTraq ID: 90927
http://www.securityfocus.com/bid/90927
http://www.openwall.com/lists/oss-security/2016/05/30/3
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-4952
http://www.openwall.com/lists/oss-security/2016/05/23/1
http://www.openwall.com/lists/oss-security/2016/05/23/4
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg03774.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5105
http://www.openwall.com/lists/oss-security/2016/05/25/5
http://www.openwall.com/lists/oss-security/2016/05/26/7
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04419.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5106
http://www.openwall.com/lists/oss-security/2016/05/25/6
http://www.openwall.com/lists/oss-security/2016/05/26/8
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04340.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5107
BugTraq ID: 90874
http://www.securityfocus.com/bid/90874
http://www.openwall.com/lists/oss-security/2016/05/25/7
http://www.openwall.com/lists/oss-security/2016/05/26/9
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg04424.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5238
BugTraq ID: 90995
http://www.securityfocus.com/bid/90995
http://www.openwall.com/lists/oss-security/2016/06/02/2
http://www.openwall.com/lists/oss-security/2016/06/02/9
https://lists.gnu.org/archive/html/qemu-devel/2016-05/msg05691.html
https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg00150.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5337
BugTraq ID: 91097
http://www.securityfocus.com/bid/91097
http://www.openwall.com/lists/oss-security/2016/06/08/3
http://www.openwall.com/lists/oss-security/2016/06/08/13
https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-5338
BugTraq ID: 91079
http://www.securityfocus.com/bid/91079
http://www.openwall.com/lists/oss-security/2016/06/07/3
http://www.openwall.com/lists/oss-security/2016/06/08/14
https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01507.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-6351
BugTraq ID: 92119
http://www.securityfocus.com/bid/92119
http://www.openwall.com/lists/oss-security/2016/07/25/14
http://www.openwall.com/lists/oss-security/2016/07/26/7
Common Vulnerability Exposure (CVE) ID: CVE-2016-6834
BugTraq ID: 92446
http://www.securityfocus.com/bid/92446
http://www.openwall.com/lists/oss-security/2016/08/11/8
http://www.openwall.com/lists/oss-security/2016/08/18/7
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-6836
BugTraq ID: 92444
http://www.securityfocus.com/bid/92444
http://www.openwall.com/lists/oss-security/2016/08/11/5
http://www.openwall.com/lists/oss-security/2016/08/18/5
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg02108.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-6888
BugTraq ID: 92556
http://www.securityfocus.com/bid/92556
http://www.openwall.com/lists/oss-security/2016/08/19/6
http://www.openwall.com/lists/oss-security/2016/08/19/10
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg03176.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7116
BugTraq ID: 92680
http://www.securityfocus.com/bid/92680
http://www.openwall.com/lists/oss-security/2016/08/30/1
http://www.openwall.com/lists/oss-security/2016/08/30/3
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg03917.html
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg04231.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7155
BugTraq ID: 92772
http://www.securityfocus.com/bid/92772
http://www.openwall.com/lists/oss-security/2016/09/06/2
http://www.openwall.com/lists/oss-security/2016/09/07/1
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00050.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7156
BugTraq ID: 92774
http://www.securityfocus.com/bid/92774
http://www.openwall.com/lists/oss-security/2016/09/06/3
http://www.openwall.com/lists/oss-security/2016/09/07/2
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00772.html
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01246.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7161
BugTraq ID: 93141
http://www.securityfocus.com/bid/93141
https://security.gentoo.org/glsa/201611-11
http://www.openwall.com/lists/oss-security/2016/09/23/6
http://www.openwall.com/lists/oss-security/2016/09/23/8
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01598.html
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01877.html
SuSE Security Announcement: openSUSE-SU-2016:3237 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7170
BugTraq ID: 92904
http://www.securityfocus.com/bid/92904
http://www.openwall.com/lists/oss-security/2016/09/09/4
http://www.openwall.com/lists/oss-security/2016/09/09/7
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01764.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7421
BugTraq ID: 92998
http://www.securityfocus.com/bid/92998
http://www.openwall.com/lists/oss-security/2016/09/16/3
http://www.openwall.com/lists/oss-security/2016/09/16/9
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03609.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7908
BugTraq ID: 93273
http://www.securityfocus.com/bid/93273
http://www.openwall.com/lists/oss-security/2016/10/03/2
http://www.openwall.com/lists/oss-security/2016/10/03/5
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg05557.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-7909
BugTraq ID: 93275
http://www.securityfocus.com/bid/93275
http://www.openwall.com/lists/oss-security/2016/10/03/3
http://www.openwall.com/lists/oss-security/2016/10/03/6
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8577
BugTraq ID: 93473
http://www.securityfocus.com/bid/93473
http://www.openwall.com/lists/oss-security/2016/10/10/7
http://www.openwall.com/lists/oss-security/2016/10/10/13
Common Vulnerability Exposure (CVE) ID: CVE-2016-8578
BugTraq ID: 93474
http://www.securityfocus.com/bid/93474
http://www.openwall.com/lists/oss-security/2016/10/10/8
http://www.openwall.com/lists/oss-security/2016/10/10/14
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07143.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8909
BugTraq ID: 93842
http://www.securityfocus.com/bid/93842
http://www.openwall.com/lists/oss-security/2016/10/24/1
http://www.openwall.com/lists/oss-security/2016/10/24/4
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg04682.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-8910
BugTraq ID: 93844
http://www.securityfocus.com/bid/93844
http://www.openwall.com/lists/oss-security/2016/10/24/2
http://www.openwall.com/lists/oss-security/2016/10/24/5
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9101
BugTraq ID: 93957
http://www.securityfocus.com/bid/93957
https://security.gentoo.org/glsa/201701-49
http://www.openwall.com/lists/oss-security/2016/10/27/14
http://www.openwall.com/lists/oss-security/2016/10/30/5
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg03024.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9102
BugTraq ID: 93962
http://www.securityfocus.com/bid/93962
http://www.openwall.com/lists/oss-security/2016/10/27/15
http://www.openwall.com/lists/oss-security/2016/10/30/6
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01861.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9103
BugTraq ID: 93955
http://www.securityfocus.com/bid/93955
http://www.openwall.com/lists/oss-security/2016/10/28/1
http://www.openwall.com/lists/oss-security/2016/10/30/7
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01790.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9104
BugTraq ID: 93956
http://www.securityfocus.com/bid/93956
http://www.openwall.com/lists/oss-security/2016/10/28/2
http://www.openwall.com/lists/oss-security/2016/10/30/8
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02942.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9105
BugTraq ID: 93965
http://www.securityfocus.com/bid/93965
http://www.openwall.com/lists/oss-security/2016/10/28/3
http://www.openwall.com/lists/oss-security/2016/10/30/9
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02608.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-9106
BugTraq ID: 93964
http://www.securityfocus.com/bid/93964
http://www.openwall.com/lists/oss-security/2016/10/28/4
http://www.openwall.com/lists/oss-security/2016/10/30/10
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02623.html
CopyrightCopyright (C) 2018 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.