Debian : Security Vulnerabilities, CVEs, Published In 2016 (Denial of service)
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.
Max CVSS
6.5
EPSS Score
0.06%
Published
2016-12-23
Updated
2023-02-13
Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.
Max CVSS
6.5
EPSS Score
0.06%
Published
2016-12-29
Updated
2023-02-13
Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.
Max CVSS
6.5
EPSS Score
0.06%
Published
2016-12-29
Updated
2023-02-12
Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.
Max CVSS
6.5
EPSS Score
0.06%
Published
2016-12-29
Updated
2023-02-12
Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.
Max CVSS
6.5
EPSS Score
0.06%
Published
2016-12-23
Updated
2023-02-13
Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.
Max CVSS
6.5
EPSS Score
0.06%
Published
2016-12-23
Updated
2023-02-12
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS.
Max CVSS
5.5
EPSS Score
0.06%
Published
2016-12-29
Updated
2020-11-10
Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation.
Max CVSS
9.8
EPSS Score
0.80%
Published
2016-12-12
Updated
2022-06-01
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-12-09
Updated
2023-02-13
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-12-09
Updated
2023-02-12
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.
Max CVSS
4.4
EPSS Score
0.06%
Published
2016-12-09
Updated
2020-10-21
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-12-09
Updated
2023-02-13
Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-12-09
Updated
2020-12-14
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-11-04
Updated
2023-02-12
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-11-04
Updated
2023-02-12
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
Max CVSS
7.5
EPSS Score
95.07%
Published
2016-11-02
Updated
2020-08-17
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-11-04
Updated
2023-02-12
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-11-04
Updated
2020-10-21
The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) by sending an empty string parameter to a 9P operation.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-11-04
Updated
2020-10-21
Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O read operation.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-11-04
Updated
2023-02-12
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-11-04
Updated
2023-02-12
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0.
Max CVSS
4.9
EPSS Score
0.06%
Published
2016-10-05
Updated
2020-11-10
The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
Max CVSS
4.4
EPSS Score
0.06%
Published
2016-10-05
Updated
2023-02-12
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
Max CVSS
9.8
EPSS Score
1.10%
Published
2016-09-28
Updated
2019-03-07
The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.
Max CVSS
5.5
EPSS Score
1.05%
Published
2016-10-07
Updated
2016-10-11