Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-17381

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-06 Dec, 2017 | 16:00
Updated At-05 Aug, 2024 | 20:51
Rejected At-
Credits

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:06 Dec, 2017 | 16:00
Updated At:05 Aug, 2024 | 20:51
Rejected At:
▼CVE Numbering Authority (CNA)

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2017/12/05/2
mailing-list
x_refsource_MLIST
https://www.debian.org/security/2018/dsa-4213
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/bid/102059
vdb-entry
x_refsource_BID
https://usn.ubuntu.com/3575-1/
vendor-advisory
x_refsource_UBUNTU
https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html
mailing-list
x_refsource_MLIST
Hyperlink: http://www.openwall.com/lists/oss-security/2017/12/05/2
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://www.debian.org/security/2018/dsa-4213
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/bid/102059
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://usn.ubuntu.com/3575-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html
Resource:
mailing-list
x_refsource_MLIST
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2017/12/05/2
mailing-list
x_refsource_MLIST
x_transferred
https://www.debian.org/security/2018/dsa-4213
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/bid/102059
vdb-entry
x_refsource_BID
x_transferred
https://usn.ubuntu.com/3575-1/
vendor-advisory
x_refsource_UBUNTU
x_transferred
https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2017/12/05/2
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://www.debian.org/security/2018/dsa-4213
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/102059
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://usn.ubuntu.com/3575-1/
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:07 Dec, 2017 | 02:29
Updated At:20 Apr, 2025 | 01:37

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
QEMU
qemu
>>qemu>>Versions up to 2.10.2(inclusive)
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
QEMU
qemu
>>qemu>>2.11.0
cpe:2.3:a:qemu:qemu:2.11.0:rc0:*:*:*:*:*:*
QEMU
qemu
>>qemu>>2.11.0
cpe:2.3:a:qemu:qemu:2.11.0:rc1:*:*:*:*:*:*
QEMU
qemu
>>qemu>>2.11.0
cpe:2.3:a:qemu:qemu:2.11.0:rc2:*:*:*:*:*:*
QEMU
qemu
>>qemu>>2.11.0
cpe:2.3:a:qemu:qemu:2.11.0:rc3:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-369Primarynvd@nist.gov
CWE ID: CWE-369
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2017/12/05/2cve@mitre.org
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/102059cve@mitre.org
Third Party Advisory
VDB Entry
https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.htmlcve@mitre.org
Issue Tracking
Third Party Advisory
https://usn.ubuntu.com/3575-1/cve@mitre.org
Third Party Advisory
https://www.debian.org/security/2018/dsa-4213cve@mitre.org
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/12/05/2af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/102059af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.htmlaf854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Third Party Advisory
https://usn.ubuntu.com/3575-1/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.debian.org/security/2018/dsa-4213af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2017/12/05/2
Source: cve@mitre.org
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/102059
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html
Source: cve@mitre.org
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://usn.ubuntu.com/3575-1/
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2018/dsa-4213
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2017/12/05/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/102059
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Third Party Advisory
Hyperlink: https://usn.ubuntu.com/3575-1/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.debian.org/security/2018/dsa-4213
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

379Records found
CVE-2020-27661
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 2.56%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 15:25
Updated-04 Aug, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-369
Divide By Zero
CVE-2020-12767
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.16% / 37.00%
||
7 Day CHG~0.00%
Published-09 May, 2020 | 20:17
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.

Action-Not Available
Vendor-libexif_projectn/aCanonical Ltd.openSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxleaplibexifn/a
CWE ID-CWE-369
Divide By Zero
CVE-2020-14415
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.10% / 28.51%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 15:31
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.

Action-Not Available
Vendor-n/aQEMUCanonical Ltd.
Product-ubuntu_linuxqemun/a
CWE ID-CWE-369
Divide By Zero
CVE-2016-9921
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 21.86%
||
7 Day CHG~0.00%
Published-23 Dec, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.Debian GNU/Linux
Product-enterprise_linuxvirtualizationqemudebian_linuxopenstackn/a
CWE ID-CWE-369
Divide By Zero
CVE-2016-9922
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.81%
||
7 Day CHG~0.00%
Published-27 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-369
Divide By Zero
CVE-2016-8667
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6||MEDIUM
EPSS-0.07% / 23.06%
||
7 Day CHG~0.00%
Published-04 Nov, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.

Action-Not Available
Vendor-n/aQEMUDebian GNU/LinuxopenSUSE
Product-debian_linuxleapqemun/a
CWE ID-CWE-369
Divide By Zero
CVE-2016-8669
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6||MEDIUM
EPSS-0.07% / 22.18%
||
7 Day CHG~0.00%
Published-04 Nov, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.

Action-Not Available
Vendor-n/aopenSUSEQEMURed Hat, Inc.Debian GNU/Linux
Product-enterprise_linuxqemuopenstackleapdebian_linuxvirtualizationn/a
CWE ID-CWE-369
Divide By Zero
CVE-2021-3941
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 5.83%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 00:00
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of programs linked with OpenEXR.

Action-Not Available
Vendor-openexrn/aDebian GNU/LinuxRed Hat, Inc.Fedora Project
Product-openexrdebian_linuxfedoraenterprise_linuxopenexr
CWE ID-CWE-369
Divide By Zero
CVE-2014-0142
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.06% / 20.03%
||
7 Day CHG~0.00%
Published-10 Aug, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-369
Divide By Zero
CVE-2015-7513
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 29.07%
||
7 Day CHG~0.00%
Published-08 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncFedora ProjectDebian GNU/LinuxCanonical Ltd.
Product-linux_kernelfedoraubuntu_linuxdebian_linuxn/a
CWE ID-CWE-369
Divide By Zero
CVE-2017-8086
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-02 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-7718
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 32.81%
||
7 Day CHG~0.00%
Published-20 Apr, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-8112
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.06% / 17.39%
||
7 Day CHG~0.00%
Published-02 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2017-7377
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.07% / 23.06%
||
7 Day CHG~0.00%
Published-10 Apr, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2022-24959
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.83%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 04:21
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yam_siocdevprivate in drivers/net/hamradio/yam.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-8379
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.08% / 23.39%
||
7 Day CHG~0.00%
Published-23 May, 2017 | 03:56
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.

Action-Not Available
Vendor-n/aQEMUDebian GNU/LinuxRed Hat, Inc.
Product-qemudebian_linuxopenstackn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2018-12207
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 59.38%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:08
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Action-Not Available
Vendor-n/aopenSUSEOracle CorporationF5, Inc.Fedora ProjectDebian GNU/LinuxIntel CorporationRed Hat, Inc.Canonical Ltd.
Product-xeon_3040xeon_l7555_firmwarexeon_e7-8893_v3xeon_e7420_firmwarexeon_e5-1620_v2_firmwarexeon_e3-1558l_v5xeon_5140_firmwarexeon_e5-2608l_v4_firmwarexeon_e5-2660_v3xeon_e5-2450_v2core_i5-1035g7xeon_e7450core_i3-8350k_firmwarecore_i3-9350k_firmwarexeon_e5-2697_v4xeon_d-1527xeon_e5472xeon_x5492_firmwarexeon_x3370_firmwarexeon_w-2125xeon_e7-8890_v3_firmwarexeon_gold_5217_firmwarexeon_e6510xeon_e3-1220_v5_firmwarexeon_e7-8880_v4xeon_e5-2620_v2_firmwarexeon_d-2163it_firmwareceleron_g1610t_firmwarexeon_l7345core_i7-9700xeon_gold_6240_firmwarexeon_gold_6234xeon_e3-1280_v5pentium_gold_g5400txeon_lc5518_firmwarecore_i5-1035g4core_i9-9920x_x-seriesxeon_d-1518xeon_w-2255xeon_e5-1680_v3_firmwarexeon_e5462xeon_e3-1285l_v4_firmwarecore_i5-9600t_firmwarecore_i7-6567u_firmwarexeon_x3380_firmwarexeon_e7-4830_v3_firmwarexeon_gold_6248_firmwareenterprise_linux_servercore_i9-7920xxeon_e5-2683_v4xeon_e5-2608l_v4xeon_e5-1660_v3_firmwarexeon_e-2224xeon_l3110_firmwarexeon_gold_5218celeron_g1830core_i9-7940x_firmwarexeon_d-1567xeon_x5680_firmwarecore_i5-8269u_firmwarecore_i5-6287u_firmwarexeon_e5420xeon_d-2173it_firmwarecore_i5-5350h_firmwarexeon_w-2245xeon_e5-2699_v3xeon_x7350_firmwarexeon_e5620_firmwarecore_i5-8700bxeon_l5215xeon_e3-1240_v5_firmwarecore_i5-5250uxeon_e5-4640_v2xeon_x5472_firmwarecore_i7-10710u_firmwarecore_i7-7820hkxeon_e5-4657l_v2xeon_l3426_firmwarecore_i7-5850hqxeon_e7-8870_v4_firmwarexeon_e3-1558l_v5_firmwarexeon_e7-8895_v2_firmwarexeon_e5-2609_v2_firmwarexeon_gold_6240core_i7-6970hqxeon_7150nceleron_g1820te_firmwarexeon_e5-2450l_v2_firmwarecore_i5-9400_firmwarexeon_e7-8893_v4_firmwarexeon_d-2177nt_firmwarecore_i7-8500y_firmwarexeon_e7-4860_v2_firmwarexeon_e5-2667_v4_firmwareceleron_g4930e_firmwarexeon_gold_5218t_xeon_e7-8893_v2xeon_gold_5220s_firmwarexeon_e5520xeon_d-1539core_m3-6y30celeron_g4900txeon_5063_firmwarexeon_e5530_firmwarexeon_w3565core_m-5y31_firmwarexeon_e3-1275_v5_firmwarexeon_x5672xeon_e3-1535m_v5xeon_x5570_firmwareceleron_g3900te_firmwarexeon_l5530_firmwarexeon_e5603xeon_e7-4809_v3xeon_gold_6230_firmwarexeon_d-2146ntceleron_g4932exeon_e5-2609_v2xeon_e3-1268l_v5xeon_7130mxeon_e3110xeon_e7-4820_v3_firmwarexeon_x3210_firmwarexeon_w-2223_firmwarexeon_e3-1260l_v5_firmwarecore_i7-8750hcore_i7-5700hq_firmwarexeon_l5630xeon_e5607_firmwarecore_i3-7100u_firmwarexeon_e5-4669_v4_firmwarexeon_x3220xeon_e5-2680_v2xeon_d-2166ntxeon_e3-1270_v6xeon_e3-1505m_v5xeon_silver_4216xeon_gold_6230xeon_e5-2403_v2_firmwarexeon_w-2195xeon_e5630_firmwareopenshift_container_platformxeon_e5-2628l_v4xeon_e7540_firmwarexeon_e-2276gcore_i5-7267u_firmwarecore_i7-5557u_firmwarexeon_d-2183itxeon_l7455_firmwarecore_i3-5020uxeon_e5-2687w_v2core_i3-7100core_i7-8809gxeon_e5-4667_v3xeon_lc3518_firmwarexeon_e7-4809_v2_firmwarecore_i5-5257ucore_m-5y70xeon_x5677xeon_e3-1230_v6_firmwarecore_i5-7267ucore_i5\+8500xeon_e5220xeon_silver_4208core_m-5y10a_firmwarexeon_e3-1585_v5xeon_l5618_firmwarexeon_e5-2667_v2_firmwarecore_i7-6560uxeon_w-2123core_i5-9400txeon_gold_5220sxeon_platinum_8280m_firmwarecore_i7-5550u_firmwarexeon_platinum_9282core_i5-8300hxeon_x3370xeon_e3-1220_v6_firmwarexeon_e5-2683_v3core_i3-10110yxeon_e5-2637_v2_firmwarexeon_platinum_9242_firmwarexeon_e3-1535m_v6_firmwarexeon_7041xeon_silver_4210xeon_platinum_8256_firmwarexeon_e5649_firmwarexeon_e5420_firmwarexeon_l5240big-ip_application_acceleration_managerxeon_e5-2618l_v4_firmwarepentium_gold_g5500txeon_e5-2650_v3_firmwarexeon_e3-1240l_v5_firmwarexeon_7150n_firmwarexeon_e5-2660_v3_firmwarexeon_platinum_8276mxeon_x3470_firmwarexeon_gold_6238mceleron_g4920xeon_e-2274gcore_i3-6167uxeon_l3360_firmwarecore_i5-9500xeon_d-1540xeon_x3470xeon_e5-1650_v2xeon_e5-2698_v4xeon_e3-1245_v5_firmwarexeon_d-1528core_i7-6500ucore_i7-6500u_firmwarexeon_x3320_firmwareceleron_g3902exeon_e5-4620_v2_firmwarexeon_e3-1280_v6_firmwarexeon_x5260xeon_gold_6230t_firmwarexeon_e5-2620_v3_firmwarexeon_e5-2660_v4xeon_lv_5128_firmwaredebian_linuxxeon_l7345_firmwarecore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_silver_4208_firmwarexeon_platinum_8268xeon_e5-2650_v4_firmwarexeon_e-2136_firmwarexeon_e3-1235l_v5_firmwarexeon_e5-2690_v2_firmwarexeon_e5-1660_v2xeon_ec5539core_i7-8565uxeon_e7450_firmwarexeon_x5675xeon_e5-2630_v4_firmwarexeon_e5-2687w_v4core_i9-9980xe_firmwarexeon_l5609_firmwarexeon_e-2274g_firmwarexeon_e7340xeon_e5502_firmwarecore_i5-7300hqcore_i7-7560uxeon_e5-2695_v2_firmwarexeon_e3-1271_v3xeon_gold_6240mxeon_e5-4667_v3_firmwarepentium_gold_g5420txeon_3040_firmwarexeon_e3-1220l_v3_firmwarexeon_x3330core_i5-6200u_firmwarecore_i3-8100t_firmwarecore_i5-8259uxeon_e5-2699a_v4_firmwarexeon_d-1529xeon_e3-1265l_v3xeon_x3230core_i9-9900x_x-series_firmwarepentium_gold_g5500xeon_w-3265m_firmwarexeon_e5-4660_v4_firmwarecore_i7-5850hq_firmwarexeon_5040_firmwarexeon_e7-4809_v4xeon_x5690_firmwarecore_i9-7900x_firmwarecore_i7-9850h_firmwarexeon_e5335_firmwarecore_i5-6350hqxeon_e5-2630l_v4_firmwarexeon_gold_5218_firmwarexeon_l7455core_i5-7600tceleron_g1630_firmwareenterprise_linux_server_tusxeon_e5-2618l_v4xeon_l5520_firmwarecore_i5-6350hq_firmwarexeon_e-2224gxeon_5070xeon_w-2135xeon_l3014xeon_l5618xeon_e3-1231_v3_firmwarexeon_x3430_firmwarexeon_l5420_firmwarecore_i5-9300hxeon_w3565_firmwarecore_i3-7167u_firmwarecore_i7-8559u_firmwarexeon_gold_5220t_firmwarecore_i7-8086k_firmwarexeon_gold_5220_firmwarecore_i5-1035g1_firmwareceleron_g1620xeon_w5590core_i5-9400hcore_i7-8500yleapxeon_x5270xeon_e5-4640_v3_firmwarexeon_x5675_firmwarexeon_e5-2680_v4_firmwarecore_i7-5557uxeon_gold_6240m_firmwarexeon_e7530xeon_e5-1630_v4_firmwarexeon_e7-8890_v2xeon_lc5528xeon_x5560xeon_e5-4603_v2_firmwarexeon_e5-2640_v2_firmwarecore_i7-7820hqxeon_e5-2620_v3core_i5-6260u_firmwarexeon_w3690xeon_7041_firmwarexeon_l5640xeon_5063core_i3-8300t_firmwarecore_i3-8109u_firmwarecore_i5-7400_firmwarexeon_gold_6254_firmwarexeon_e3-1275_v5core_i7-9700k_firmwarexeon_x5355core_i9-10980xe_firmwarexeon_e3-1240_v5xeon_e-2288g_firmwarexeon_e5-2430_v2_firmwarexeon_5060_firmwarexeon_e5-2450_v2_firmwarexeon_e5-2440_v2_firmwarexeon_e3-1230l_v3xeon_l7445_firmwarexeon_e5-2650_v3xeon_e5-2660_v2_firmwarexeon_e7430xeon_x7560core_i7-6567uxeon_e5-1650_v4_firmwarexeon_x5365core_i7-5775cxeon_e5-2683_v3_firmwarexeon_5070_firmwarexeon_lv_5133_firmwarecore_i9-7900xxeon_e7-8880_v4_firmwareceleron_g3930_firmwarecore_i7-6870hq_firmwarecore_i9-10900x_x-series_firmwarexeon_w-3223xeon_d-1539_firmwarexeon_7130nxeon_d-1559xeon_7130m_firmwarexeon_x5650xeon_w-2235_firmwareceleron_g1610tcore_i5-8265ucore_i5-6300hqxeon_x5670xeon_e5-2648l_v4_firmwarecore_i3-5157u_firmwarepentium_gold_g5400t_firmwarepentium_gold_4410y_firmwarexeon_3070_firmwarexeon_e-2286g_firmwarexeon_d-2183it_firmwarexeon_e3-1220_v3core_i3-5005u_firmwareceleron_g3920_firmwarexeon_e5-4627_v3xeon_e7-4850_v4core_i3-8350kxeon_7110ncore_i5-7500txeon_e3-1505m_v6core_i3-9100core_i5-9600k_firmwarexeon_e7-4880_v2_firmwarexeon_platinum_9282_firmwarexeon_5110_firmwarexeon_e-2224g_firmwarexeon_l5238pentium_gold_g5600xeon_lv_5148_firmwarexeon_e3120xeon_platinum_8276lceleron_g4950_firmwarecore_i7-7700kcore_i7-8705gxeon_e7-4860_v2xeon_l5408_firmwarexeon_platinum_9222big-ip_policy_enforcement_managerxeon_gold_6230tcore_i7-7660uxeon_d-1627_firmwarecore_i3-6100u_firmwarecore_i7-8706gxeon_w-3225xeon_w3550_firmwarexeon_e5-2630_v2_firmwarexeon_e3-1565l_v5xeon_x5470xeon_e5-4610_v2_firmwarepentium_gold_4415u_firmwarexeon_e5-2643_v2_firmwarexeon_e3-1240_v6core_i5-8259u_firmwarexeon_w-2155_firmwarexeon_e7-4850_v3_firmwarecore_i7-8705g_firmwarecore_i3-7100tcore_i7-7700txeon_e7-2850_v2_firmwarexeon_w-3225_firmwarexeon_e5-1630_v4xeon_e5-4660_v3xeon_w-2295core_i9-9900x_x-seriescore_i5-10210ucore_i5-7260u_firmwarecore_i5-7600k_firmwarexeon_e5-2697_v3_firmwarecore_i7-6770hqxeon_e5-2407_v2core_m-5y10axeon_e3-1270_v6_firmwarexeon_gold_5215mcore_i5-7200u_firmwarecore_i7-10510u_firmwarexeon_gold_5215xeon_e5-2667_v3xeon_e7-4820_v3xeon_e5-2650_v2xeon_e-2226g_firmwarexeon_d-2143itxeon_l5238_firmwareceleron_g1610_firmwarexeon_e5405xeon_e5-2699_v4xeon_gold_6244_firmwarexeon_7140n_firmwarexeon_d-2161i_firmwarexeon_e3-1225_v6xeon_e3-1220l_v3core_i7\+8700_firmwarexeon_e5-2699_v3_firmwarexeon_e-2144g_firmwarexeon_e5-2650l_v2_firmwarexeon_e5-2643_v4_firmwarexeon_e3-1225_v5_firmwarexeon_e3-1240l_v5xeon_e5-2690_v3celeron_g1620t_firmwareceleron_g1820_firmwarecore_i3-10110uxeon_e5-1630_v3xeon_w3520xeon_e7530_firmwarecore_i9-10940x_x-series_firmwarexeon_e7310xeon_x5680xeon_e7440xeon_e5-4650_v2_firmwarexeon_x5450_firmwarexeon_e5-2680_v3core_i5-5287u_firmwarexeon_e5-2697_v4_firmwarexeon_platinum_8280mcore_i9-7980xexeon_gold_6240l_firmwarexeon_e5-4655_v3_firmwarexeon_d-2123it_firmwareceleron_g4900t_firmwarexeon_e5502xeon_x5670_firmwarecore_i7-6870hqpentium_gold_4415yxeon_x3480xeon_gold_6238lxeon_e5-2637_v3xeon_e5-2699_v4_firmwarexeon_l5430_firmwarexeon_e7-8890_v2_firmwarecore_i9-10920x_x-seriesxeon_w3670core_i3-1005g1_firmwarexeon_e7-8880l_v3_firmwarebig-ip_advanced_firewall_managerxeon_w-3265mxeon_e5620xeon_e5645core_i5-7500xeon_d-1627xeon_l5518xeon_platinum_8260y_firmwarexeon_x3460xeon_d-1602xeon_x5270_firmwarecore_i5\+8400_firmwarexeon_e3-1270_v5_firmwarexeon_e7-8890_v4core_i5-7200uxeon_e7310_firmwarecore_i5-8350u_firmwareceleron_g1820tceleron_g3930exeon_e5-4607_v2_firmwarexeon_gold_6240y_firmwarexeon_e5-2630l_v3_firmwarexeon_e3-1535m_v5_firmwarexeon_e5-2690_v4xeon_x3230_firmwarexeon_e7-8891_v2pentium_gold_g5600_firmwarexeon_e7-4850_v2xeon_e5-2658_v4_firmwarexeon_e3-1545m_v5xeon_w3680_firmwarecore_i3-9300_firmwarecore_i5-8400txeon_e5430_firmwarexeon_d-2145nt_firmwarepentium_gold_g5600tcore_i3-5015uceleron_g3930tcore_i9-9960x_x-series_firmwarexeon_e7340_firmwarexeon_e7-4870_v2xeon_l5506_firmwarexeon_d-1541_firmwarecore_i7-5775c_firmwarecore_i7-5500uceleron_g4920_firmwarexeon_e3-1260l_v5xeon_l5310_firmwarexeon_e5240_firmwarexeon_d-1623n_firmwarexeon_l5508_firmwarecore_i3-7100hxeon_l5215_firmwarexeon_d-1548_firmwarexeon_3070xeon_e5-2690_v3_firmwarexeon_d-1559_firmwarepentium_gold_g5400_firmwarexeon_x3320xeon_e7-4809_v4_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-6287ucore_i5-1035g7_firmwarexeon_e5-2697a_v4_firmwarexeon_e5450xeon_e5-4650_v3xeon_d-1540_firmwarexeon_platinum_8260mxeon_silver_4214y_firmwarecore_i5-9400xeon_w3680core_i3-8100txeon_e5-1650_v3_firmwarexeon_platinum_8260xeon_e7210big-ip_global_traffic_managerxeon_bronze_3204_firmwarecore_i7-5550uxeon_d-2142it_firmwarexeon_e5-2470_v2core_i5-7500t_firmwarecore_i7-6820hk_firmwarexeon_e3-1280_v5_firmwarexeon_e5-2420_v2celeron_g4930t_firmwarecore_i7-8650uxeon_bronze_3204xeon_e5-4627_v3_firmwarexeon_e5-2430_v2core_m3-7y30_firmwarexeon_e5504_firmwarexeon_e7-8870_v2_firmwarecore_i7-9750h_firmwarecore_i3-6167u_firmwarecore_i3-6100uxeon_w3670_firmwarexeon_gold_5217xeon_e5-2687w_v4_firmwarepentium_gold_4415uxeon_e7330_firmwarexeon_w5580_firmwarexeon_e-2234_firmwarexeon_w5590_firmwarexeon_e3120_firmwarexeon_x5365_firmwarexeon_gold_5222_firmwarexeon_w-3245xeon_e7-4820_v4_firmwareceleron_g1850_firmwarecore_i3-10110y_firmwarecore_i5-1035g4_firmwarecore_i5-8500bxeon_x5650_firmwarexeon_d-1523ncore_i5-8269uxeon_x3440xeon_e5-4660_v3_firmwarecore_i5-6300hq_firmwarexeon_e-2288gxeon_d-1653ncore_m-5y10_firmwarecore_i7-8709g_firmwarexeon_e5-4650_v2xeon_e5-4669_v4xeon_e7220_firmwarexeon_d-1543n_firmwareceleron_g3900txeon_w-2195_firmwarexeon_w3570enterprise_managerxeon_5040xeon_l7545xeon_x5472xeon_gold_6252n_firmwarexeon_5140core_i5-10210y_firmwarexeon_e5-1650_v3xeon_e5-2630_v2core_m-5y51_firmwarecore_i3-7350kxeon_w-2265_firmwarexeon_e3-1276_v3_firmwarexeon_e7-8891_v3core_i5-8250uxeon_e5440xeon_d-1571_firmwarecore_i7-9700txeon_gold_6252nxeon_7110m_firmwarexeon_l5506xeon_gold_6244xeon_e5-2695_v3xeon_x5690core_i7-8650u_firmwarexeon_w-3245_firmwarexeon_l5318xeon_gold_6226_firmwarecore_i3-5157uxeon_5130_firmwarecore_i5-6200ucore_i7-7700k_firmwarecore_i7-6700hq_firmwarexeon_x5460_firmwarexeon_3050_firmwarexeon_w-2135_firmwarecore_i9-9940x_x-seriescore_m-5y10c_firmwareceleron_g3902e_firmwarexeon_e5-2603_v2_firmwarexeon_e5-1660_v3xeon_d-1520core_i7-6970hq_firmwarexeon_platinum_8256xeon_gold_6238l_firmwarexeon_e5-2623_v3xeon_e7-4830_v4_firmwarexeon_e5-2680_v2_firmwarexeon_e7-2890_v2xeon_x5647_firmwarexeon_d-1520_firmwarexeon_w-2125_firmwarexeon_e3-1268l_v5_firmwarexeon_w-2175_firmwarexeon_e5507xeon_e3-1241_v3_firmwarexeon_7110n_firmwarexeon_e3-1275_v6xeon_d-1531xeon_x5550core_i3-9300txeon_gold_6262v_firmwarexeon_e-2278gxeon_5120_firmwarexeon_platinum_8260yxeon_platinum_8260m_firmwarexeon_e7-8867_v3xeon_x3350_firmwarexeon_e7-8880_v2_firmwarexeon_e5-2450l_v2core_i9-9980xexeon_d-2142itcore_i5-8265u_firmwarexeon_e3-1281_v3_firmwarexeon_e3-1505m_v6_firmwarexeon_gold_5215m_firmwareceleron_g3930te_firmwarexeon_e3-1545m_v5_firmwarexeon_platinum_8276xeon_x3450_firmwarexeon_e3-1235l_v5core_i7\+8700core_i7-5700hqxeon_e5-1660_v4_firmwarexeon_e5-4628l_v4xeon_e5-4610a_v4xeon_e5-2630l_v2_firmwarecore_m3-7y30core_i3-9350kxeon_e5-2650l_v2xeon_e5-2680_v3_firmwarexeon_7120mxeon_platinum_8276m_firmwarexeon_x5672_firmwareceleron_g4950xeon_e3-1240l_v3_firmwarexeon_e7-4850_v2_firmwarecore_i7-7700t_firmwarexeon_w-3275_firmwarexeon_e7220xeon_e7-8890_v3xeon_x5660_firmwarexeon_e5-2623_v4_firmwarecore_i5-8200ycore_i9-10900x_x-seriesceleron_g3900t_firmwarexeon_e3-1285_v4_firmwarexeon_w-2275xeon_e5-2697_v2_firmwarexeon_d-1543nxeon_d-1528_firmwarexeon_l5320_firmwareceleron_g4900_firmwarecore_i5-7440hqceleron_g1620txeon_e-2144gxeon_e3-1245_v6_firmwarexeon_d-1521xeon_d-2191_firmwarexeon_e5-2637_v3_firmwareceleron_g3900eceleron_g1820tecore_i7-7700_firmwareceleron_g3950_firmwarexeon_e5-4650_v4_firmwarexeon_e5630xeon_3060_firmwarebig-ip_analyticsxeon_7020core_i5-9600tcore_m-5y31xeon_w3540_firmwarecore_i3-9320core_i7-1065g7xeon_w3550core_i3-8130uxeon_x5450xeon_platinum_8276l_firmwarexeon_e5-2650l_v3xeon_lc5518xeon_5030xeon_e5-2687w_v2_firmwarexeon_e3-1230_v5enterprise_linux_server_eusxeon_e5-1630_v3_firmwareenterprise_linux_server_auscore_i3-9100_firmwarexeon_w-3245mxeon_lv_5113_firmwareceleron_g1620_firmwarexeon_e3-1226_v3_firmwarexeon_e5430xeon_e5205_firmwarexeon_e7-8880l_v2xeon_w3530_firmwarexeon_l5408xeon_e5-1680_v3xeon_e5-2670_v2pentium_gold_g5420xeon_e5606xeon_e-2124g_firmwarepentium_gold_g5420t_firmwarecore_i5-8305g_firmwarecore_i5-7500_firmwarecore_m-5y71_firmwarexeon_e5-2690_v2xeon_e5-4610_v3xeon_e7-8870_v3xeon_x7542pentium_gold_g5420_firmwarecore_i5-7y54xeon_e5-4650_v4xeon_e5-1660_v4xeon_e7-8891_v4xeon_d-1521_firmwarexeon_l5638_firmwarexeon_e5240xeon_e5-1620_v2xeon_e-2226gxeon_e3-1226_v3xeon_d-1557_firmwarexeon_x5687_firmwarecore_i7-5500u_firmwarecore_i3-8145uxeon_e7-4820_v2_firmwarexeon_e5-1620_v3_firmwarexeon_e7-4830_v2core_i5-9600_firmwarexeon_platinum_8268_firmwarexeon_gold_6262vcore_i3-8109uxeon_e5-2609_v4_firmwarexeon_e5-2640_v3xeon_e7-8880l_v3xeon_e5-1620_v4xeon_e6540_firmwarexeon_gold_6238m_firmwarecore_i3-7300xeon_d-1567_firmwarebig-ip_application_security_managerxeon_e5-2630l_v3xeon_e5-4640_v4xeon_e5-4655_v4_firmwarexeon_e-2134_firmwarexeon_silver_4210_firmwarexeon_d-2191xeon_x7460_firmwarecore_i5-8400bcore_i3-9300t_firmwarexeon_e5405_firmwarexeon_lv_5113core_i5-9500_firmwarecore_m-5y10cxeon_e5-4627_v4_firmwarepentium_gold_g5620xeon_platinum_8276_firmwarexeon_e7440_firmwarexeon_e7-8870_v4core_i5-8700b_firmwarexeon_7030xeon_e7540xeon_5060xeon_e3-1265l_v4xeon_ec5509_firmwarexeon_x5482celeron_g3930texeon_e-2136pentium_gold_6405u_firmwarecore_i7-10510ucore_i7-9700kxeon_d-1533n_firmwarecore_i3-8100xeon_w-2265xeon_gold_5215_firmwarexeon_e5335xeon_e5-2667_v4xeon_7130n_firmwarexeon_e5503_firmwarexeon_e3-1285l_v4xeon_w-2245_firmwarexeon_x5470_firmwarexeon_e7-8870_v2xeon_l5410_firmwarecore_i3-7300_firmwarexeon_e7330fedoraxeon_l3406_firmwarexeon_x3430xeon_lc3528core_i5-7287u_firmwarecore_i7-7700core_m-5y10xeon_e5-1680_v4core_i7-7820hq_firmwarexeon_5110core_i7-5950hq_firmwarexeon_e3-1575m_v5_firmwarecore_i7-7920hq_firmwarexeon_platinum_8280l_firmwarexeon_d-1577_firmwarexeon_e-2124_firmwarecore_i7-5750hq_firmwarexeon_e3-1240_v6_firmwarexeon_e5506xeon_e5-4660_v4xeon_x3360_firmwarexeon_e7520_firmwareceleron_g3900_firmwarexeon_e3-1505m_v5_firmwarexeon_d-2187ntcore_i5-8500b_firmwarexeon_e5-2643_v3_firmwareceleron_g4930core_i3-6100h_firmwarecore_i5-7600xeon_e5504core_i9-7940xxeon_w-3265_firmwarexeon_e5-2698_v3_firmwarexeon_7120n_firmwarexeon_e5530xeon_platinum_8253xeon_e5-2630l_v4xeon_e5-4667_v4big-ip_fraud_protection_servicexeon_lv_5128core_i3-8300xeon_e-2186gcore_i5-7400tcore_i3-5005uxeon_e5-2690_v4_firmwarexeon_e-2174gxeon_e5-2630_v4xeon_d-1622xeon_e5-4610_v3_firmwareceleron_g4932e_firmwarexeon_x5355_firmwarexeon_lc5528_firmwarecore_i5-7260uxeon_w-2145_firmwarexeon_e5-2643_v3xeon_d-2145ntxeon_e5450_firmwarexeon_e5-1650_v4big-ip_access_policy_managerxeon_gold_6238core_i7-7500u_firmwarexeon_e5-2630_v3xeon_e5-4627_v2_firmwarecore_i7-7800xxeon_e3-1275_v6_firmwarexeon_e7320core_i5-10210yxeon_e3-1225_v6_firmwarecore_i7-7820hk_firmwarexeon_e5-2623_v4xeon_e5-4620_v4_firmwarexeon_w-3275mxeon_e7420xeon_e7-8890_v4_firmwarecore_i5-10210u_firmwarexeon_x5460xeon_l5310xeon_d-1513n_firmwarexeon_e5540_firmwarecore_i3-7300t_firmwarexeon_e3-1265l_v4_firmwarexeon_e5-1620_v4_firmwareceleron_g4930exeon_e5472_firmwarepentium_gold_4410yxeon_x3350core_i5-9600xeon_e5-2637_v4_firmwarexeon_e3-1585l_v5_firmwarexeon_e7-8867_v4big-ip_local_traffic_managerxeon_e5410_firmwarexeon_5150_firmwarexeon_e5640xeon_e3-1281_v3pentium_gold_g5600t_firmwarexeon_lv_5133xeon_e-2224_firmwarexeon_x5272_firmwarexeon_e3-1240l_v3pentium_gold_6405uxeon_5050_firmwarecore_i5-9300h_firmwarexeon_e5345celeron_g1820xeon_e7-8880_v3core_i3-9320_firmwarexeon_l5630_firmwarexeon_gold_5220t_xeon_lv_5148xeon_3060core_i9-10940x_x-seriescore_i5-8400b_firmwarexeon_e3-1280_v6xeon_e7-8891_v3_firmwarecore_i5-5200uxeon_e3-1225_v3xeon_e7-4890_v2_firmwarecore_i3-8100_firmwarexeon_e5-2650l_v3_firmwarexeon_l5318_firmwarexeon_5030_firmwarexeon_e5-2697_v3xeon_w3580_firmwarexeon_e5-4603_v2xeon_e5-4627_v4xeon_e-2124core_i5-7287ucore_i7-10710uxeon_d-1541xeon_d-2141ixeon_e7-4830_v4xeon_e3-1275_v3xeon_e7-4809_v2xeon_e5310xeon_e5440_firmwarexeon_d-1633n_firmwarexeon_e-2276g_firmwarexeon_gold_6230n_firmwarexeon_e5-4620_v3_firmwarexeon_gold_5222core_i3-5015u_firmwarecore_i5-7300hq_firmwarexeon_x5260_firmwarexeon_e5-4607_v2core_i7-8706g_firmwarexeon_w-2133_firmwarecore_i3-6100hcore_i5-7400t_firmwarexeon_d-1548xeon_e5-4667_v4_firmwarepentium_gold_4415y_firmwarexeon_e3-1535m_v6xeon_d-1649nxeon_w5580xeon_platinum_9221xeon_l5638xeon_e5-2603_v4_firmwarecore_i7-10510y_firmwarexeon_e3-1220_v5core_i5-5257u_firmwarexeon_7040_firmwarexeon_5050xeon_e-2146g_firmwarexeon_5080xeon_e5-2403_v2xeon_l5335xeon_w3520_firmwarecore_i7-6700hqxeon_e5-2667_v3_firmwarexeon_x5482_firmwarecore_i7-7800x_firmwarexeon_w-2225_firmwarexeon_x7560_firmwarexeon_e5-2640_v2xeon_5120xeon_e5-2407_v2_firmwarexeon_gold_6238t_firmwarecore_i3-7100_firmwarexeon_e5320_firmwarexeon_e7-8891_v4_firmwarexeon_w-2155xeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550uxeon_7110mxeon_l5320xeon_e5-2650l_v4_firmwareceleron_g1840_firmwareubuntu_linuxxeon_e5-2623_v3_firmwarexeon_x3480_firmwarexeon_lc3528_firmwarecore_i3-9100txeon_lv_5138xeon_d-1623nxeon_x7550xeon_3065xeon_w-2145pentium_gold_4425yxeon_e5-4650_v3_firmwarecore_m-5y71xeon_e5507_firmwarexeon_platinum_9222_firmwarexeon_platinum_8253_firmwarexeon_d-1622_firmwarexeon_e3-1585_v5_firmwarecore_i3-7167uxeon_e-2176g_firmwarexeon_e5-2620_v2core_i7-7567uceleron_g3900e_firmwarexeon_w-2295_firmwarecore_i3-8145u_firmwarexeon_silver_4214xeon_l5530xeon_d-2161ixeon_e3-1225_v3_firmwarexeon_d-2141i_firmwarecore_i7-7660u_firmwarexeon_e3-1585l_v5xeon_gold_5218bxeon_e7-2880_v2_firmwarexeon_e5-2670_v3xeon_e5-4640_v4_firmwarebig-iq_centralized_managementcore_i7-8750h_firmwarecore_i3-5010u_firmwarecore_i3-7300txeon_e5-1680_v4_firmwarexeon_silver_4216_firmwarexeon_e3-1271_v3_firmwarecore_m3-6y54_firmwarexeon_x5647core_i5-7y54_firmwarexeon_e-2246g_firmwarexeon_e5607xeon_e5-2648l_v4xeon_e5645_firmwarexeon_e-2174g_firmwarexeon_e5-4620_v4xeon_e7-8855_v4xeon_7040xeon_d-1513nxeon_d-1537xeon_d-2187nt_firmwarexeon_e3-1515m_v5xeon_x5660xeon_e3-1225_v5xeon_e5-2630l_v2xeon_l7555core_i5-7600_firmwarexeon_l3426xeon_w-3275m_firmwarexeon_5150xeon_e5-2667_v2xeon_e7-4890_v2xeon_e3-1515m_v5_firmwarexeon_lc3518xeon_e5-2630_v3_firmwarexeon_e7-4830_v2_firmwarexeon_w-3175xxeon_e3-1230l_v3_firmwarecore_i5-6267u_firmwarexeon_l5609xeon_gold_6222v_firmwarecore_i7-9750hxeon_platinum_8260_firmwarexeon_e7-8893_v2_firmwarexeon_w-2225xeon_e5-4669_v3xeon_ec5539_firmwarexeon_x3360core_i7-7560u_firmwarexeon_w-2133xeon_e5-1660_v2_firmwarexeon_d-1557xeon_e7-2890_v2_firmwarexeon_e7430_firmwarexeon_e7-2870_v2_firmwarepentium_gold_g5500_firmwarexeon_e7-8860_v3_firmwarexeon_e5-2670_v2_firmwarexeon_d-1553n_firmwarexeon_e5-2687w_v3_firmwarexeon_e5-4627_v2xeon_w-2223core_i9-7920x_firmwarexeon_x6550_firmwarexeon_e5-4620_v2xeon_e5-2470_v2_firmwarecore_i3-8300txeon_e3-1565l_v5_firmwarepentium_gold_g5620_firmwarexeon_ec5549_firmwarexeon_x3460_firmwarexeon_e-2236xeon_e-2236_firmwarexeon_e-2126g_firmwarexeon_gold_6238_firmwareceleron_g1820t_firmwarexeon_x5492xeon_e5640_firmwarecore_i9-7960x_firmwarexeon_x5570celeron_g3950xeon_e5-2640_v4_firmwarecore_i5-8400xeon_x5667_firmwarexeon_gold_6246core_i7-8086kxeon_x7460pentium_gold_g5500t_firmwarexeon_e5-2603_v3_firmwarexeon_e5-2603_v2xeon_d-1527_firmwarepentium_gold_5405u_firmwarebig-ip_domain_name_systemxeon_e5-2683_v4_firmwarexeon_w-3245m_firmwarexeon_e5-2628l_v4_firmwarexeon_e5-4628l_v4_firmwarexeon_e5-2603_v3xeon_e7-4850_v4_firmwarexeon_3065_firmwarexeon_gold_6240y_xeon_e7-8870_v3_firmwarexeon_w3540xeon_e5310_firmwarexeon_e-2134xeon_l3360xeon_e5-4655_v3core_i5-5350hxeon_e5-2620_v4_firmwarexeon_d-2163itxeon_e5220_firmwaresolariscore_i5-10310y_firmwarepentium_gold_4417uxeon_e5-4610a_v4_firmwarecore_i7-10510yxeon_gold_5215lxeon_e5-4655_v4xeon_silver_4215_firmwarecore_i5-7360u_firmwarexeon_w-2275_firmwarexeon_l5430xeon_e5-2658_v4xeon_e5-2440_v2xeon_l5335_firmwarexeon_x5272xeon_w3570_firmwarecore_i9-7960xceleron_g3900core_i7-7820xxeon_e7-8893_v3_firmwarecore_i5-9600kxeon_d-1531_firmwarecore_i7-7700hqxeon_e6510_firmwarexeon_e7-4830_v3xeon_e5-2420_v2_firmwarexeon_e5-2698_v3core_i3-9100t_firmwarexeon_e3-1245_v5xeon_l5508xeon_e7-8880_v3_firmwarexeon_7140m_firmwarexeon_e7-8857_v2_firmwarebig-ip_link_controllerxeon_d-1571xeon_gold_6240lxeon_e5-1620_v3xeon_5080_firmwarecore_i5-8350uxeon_w-3223_firmwarecore_m3-6y30_firmwarexeon_e7-8850_v2_firmwareceleron_g1830_firmwarexeon_d-2173itceleron_g3930xeon_d-2123itxeon_e-2246gceleron_g3930t_firmwarexeon_l5240_firmwarexeon_l5420xeon_gold_5218n_firmwarexeon_e5-2670_v3_firmwarexeon_e5-2637_v4xeon_w-2255_firmwarexeon_e3-1241_v3xeon_ec3539_firmwarexeon_e5-2695_v4_firmwarexeon_e5-2687w_v3xeon_x5677_firmwarecore_i5-5200u_firmwarexeon_e5-2680_v4xeon_e5-2697a_v4xeon_e7-4809_v3_firmwarexeon_gold_6242_firmwarexeon_d-1649n_firmwarexeon_e-2104g_firmwarexeon_e5-2609_v4core_i7-7920hqxeon_e3-1220_v3_firmwarexeon_e5503xeon_e5-2660_v2xeon_e5-1650_v2_firmwarexeon_w-2123_firmwarecore_m3-6y54core_i3-6100_firmwarecore_m-5y51xeon_e3-1270_v5xeon_d-1537_firmwarecore_i3-7350k_firmwarexeon_x5560_firmwarexeon_e7320_firmwarexeon_d-2166nt_firmwareceleron_g1840t_firmwarexeon_e3-1246_v3xeon_e5-2643_v4xeon_e5-2699a_v4xeon_7120nxeon_l5410celeron_g1840xeon_l3110core_i3-9300xeon_5160_firmwarexeon_e7-2870_v2xeon_e7-8860_v3xeon_e-2244gcore_i5\+8400xeon_e-2176gxeon_e5-2698_v4_firmwarexeon_7020_firmwarexeon_e5-2637_v2xeon_7140mceleron_g1630core_i7-8709gxeon_l3014_firmwarexeon_l7545_firmwarecore_i3-5020u_firmwarexeon_e7-4870_v2_firmwarexeon_l5640_firmwarexeon_3050xeon_e5-2650l_v4xeon_7120m_firmwarexeon_l5518_firmwarexeon_d-1529_firmwarepentium_gold_4417u_firmwarexeon_d-1637_firmwarecore_m3-8100y_firmwarexeon_e-2104gcore_i7-5950hqxeon_7030_firmwarexeon_e7-8850_v2xeon_e5-2695_v2core_i5-6260uxeon_5130xeon_e5-4640_v2_firmwarexeon_e5606_firmwarexeon_e5345_firmwarexeon_silver_4214_firmwareceleron_g4930_firmwarecore_i5-9500tceleron_g1610xeon_d-2143it_firmwarexeon_platinum_9242core_i5-7400xeon_platinum_8280lxeon_e7-4850_v3xeon_d-1523n_firmwarexeon_platinum_8280_firmwarexeon_e5-2697_v2xeon_x7350core_i3-7320xeon_e5205xeon_e7-8880l_v2_firmwarexeon_e5-4669_v3_firmwarecore_i9-9960x_x-seriesxeon_e3-1230_v6xeon_e7-8867_v3_firmwarexeon_e5-2430l_v2core_i5-1035g1xeon_w3580xeon_gold_6230ncore_i5-5250u_firmwarexeon_w-3265core_i7-8565u_firmwarexeon_gold_6246_firmwarexeon_e7-2850_v2pentium_gold_4425y_firmwarexeon_gold_5218nxeon_e5-2620_v4xeon_platinum_9221_firmwarexeon_e-2186g_firmwarexeon_ec5549xeon_e3-1276_v3xeon_w3530core_i5-7600t_firmwarexeon_e-2124gxeon_e3-1231_v3core_i9-7980xe_firmwarexeon_e6540core_i5-7440hq_firmwarexeon_e7-8880_v2xeon_e7-8891_v2_firmwarexeon_x3380xeon_e5462_firmwarexeon_gold_5220xeon_e-2234xeon_e7-8860_v4_firmwarexeon_d-1637xeon_d-1577celeron_g3930e_firmwarexeon_gold_6254xeon_silver_4209t_firmwarecore_i7-9850hcore_i7-9700t_firmwarexeon_x3210xeon_gold_5215l_firmwarecore_i7-7820x_firmwarexeon_e3110_firmwarexeon_e5-2640_v4xeon_e7-8893_v4core_i3-8130u_firmwarexeon_ec3539celeron_g3920core_i3-7100uceleron_g1850core_i5-5287uxeon_d-1653n_firmwarexeon_w-3275core_i5-7600kxeon_platinum_8270_firmwarexeon_e5-2640_v3_firmwarexeon_d-1553nxeon_e-2126gxeon_silver_4209txeon_e5-4620_v3xeon_gold_6234_firmwarexeon_d-1633ncore_i3-7100t_firmwareceleron_g1840tcore_i5-7360uxeon_e7-4820_v4xeon_e5-2650_v2_firmwarexeon_gold_5218t_firmwarexeon_gold_6248xeon_platinum_8260l_firmwarexeon_d-1518_firmwarexeon_e3-1220_v6xeon_e5649xeon_platinum_8280core_m3-8100ycore_m-5y70_firmwarecore_i5-8250u_firmwarexeon_e3-1246_v3_firmwarecore_i7-7567u_firmwarecore_i3-7320_firmwarecore_i5-8400_firmwarexeon_e5520_firmwarexeon_e5-4657l_v2_firmwarexeon_e3-1285_v4xeon_e5320xeon_x7550_firmwarecore_i7-7700hq_firmwarexeon_e3-1265l_v3_firmwarecore_i7-6820hkxeon_d-2146nt_firmwarexeon_e3-1230_v5_firmwarexeon_x5687xeon_e3-1275_v3_firmwarecore_i5-10310ycore_i9-10920x_x-series_firmwarexeon_gold_5218b_firmwarecore_i5-8400t_firmwarexeon_e7-8857_v2xeon_lv_5138_firmwarexeon_e-2286gxeon_gold_6222vcore_i9-9940x_x-series_firmwarexeon_5160xeon_x6550xeon_x5550_firmwarexeon_gold_6242xeon_x7542_firmwarexeon_e5-4610_v2xeon_e7-4820_v2xeon_e-2244g_firmwarexeon_e3-1575m_v5xeon_e7-8895_v2xeon_e7-8855_v4_firmwarexeon_platinum_8270xeon_e5-2650_v4xeon_x3450xeon_e5-2660_v4_firmwarexeon_d-1533nxeon_x3330_firmwarexeon_e3-1245_v6xeon_silver_4215xeon_w-3175x_firmwarexeon_l7445xeon_w-2235xeon_e5-2695_v4xeon_7140ncore_i7-6560u_firmwarecore_i3-8300_firmwareceleron_g4930tcore_i7-1065g7_firmwarecore_i5\+8500_firmwarexeon_gold_6238txeon_silver_4214yxeon_e5-2603_v4xeon_e5506_firmwarecore_i9-10980xexeon_e5-2643_v2xeon_e5-2695_v3_firmwarexeon_e7-8860_v4xeon_w3690_firmwarexeon_e5-2430l_v2_firmwarexeon_x3220_firmwarecore_i7-8809g_firmwarexeon_e7520xeon_e7-4880_v2xeon_e7-8867_v4_firmwareceleron_g4900core_i5-9400h_firmwarecore_i3-5010upentium_gold_g5400core_i3-6100xeon_ec5509xeon_l5520xeon_x5667core_i3-10110u_firmwarexeon_x3440_firmwarexeon_gold_6226core_i5-9500t_firmwarexeon_gold_6252xeon_e5410core_i7-6770hq_firmwarexeon_e5-4640_v3core_i7-5750hqcore_i5-6267upentium_gold_5405uceleron_g3900tecore_i3-1005g1core_i9-9920x_x-series_firmwarexeon_l3406xeon_gold_6252_firmwarexeon_e7210_firmwarecore_i5-8305gxeon_e5603_firmwarecore_i5-9400t_firmwarexeon_platinum_8260lcore_i7-8559uxeon_d-1602_firmwarexeon_e5540core_i7-9700_firmwarexeon_e-2146gxeon_d-2177ntxeon_w-2175xeon_e7-2880_v22019.2 IPU – Intel(R) Processor Machine Check Error
CWE ID-CWE-20
Improper Input Validation
CVE-2017-6505
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.16%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2020-28928
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.77%
||
7 Day CHG~0.00%
Published-24 Nov, 2020 | 18:01
Updated-04 Aug, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).

Action-Not Available
Vendor-musl-libcn/aOracle CorporationFedora ProjectDebian GNU/Linux
Product-musldebian_linuxfedoragraalvmn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-5526
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.57%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-5973
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 26.06%
||
7 Day CHG~0.00%
Published-27 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer descriptor sequence.

Action-Not Available
Vendor-n/aQEMUDebian GNU/LinuxRed Hat, Inc.
Product-virtualizationqemuenterprise_linuxdebian_linuxopenstackn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2017-5957
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 25.10%
||
7 Day CHG~0.00%
Published-14 Mar, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU), allows a local guest users to cause a denial of service (application crash) via the "nr_cbufs" argument.

Action-Not Available
Vendor-virglrenderer_projectn/aQEMU
Product-virglrendererqemun/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-5857
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.08%
||
7 Day CHG~0.00%
Published-16 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-5579
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 32.84%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-5552
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.20% / 42.10%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-5578
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.20% / 42.10%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-27830
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 40.42%
||
7 Day CHG~0.00%
Published-13 May, 2021 | 14:15
Updated-04 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelkernel
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-5525
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.08%
||
7 Day CHG~0.00%
Published-15 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-5987
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.57%
||
7 Day CHG~0.00%
Published-20 Mar, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2017-5856
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.14% / 35.08%
||
7 Day CHG~0.00%
Published-16 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-5667
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.16% / 37.86%
||
7 Day CHG~0.00%
Published-16 Mar, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-42755
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 0.29%
||
7 Day CHG-0.00%
Published-05 Oct, 2023 | 18:25
Updated-23 Jul, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: rsvp: out-of-bounds read in rsvp_classify()

A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.Linux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelenterprise_linuxRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-28935
Matching Score-8
Assigner-NLnet Labs
ShareView Details
Matching Score-8
Assigner-NLnet Labs
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.62%
||
7 Day CHG~0.00%
Published-07 Dec, 2020 | 21:46
Updated-16 Sep, 2024 | 23:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local symlink attack in Unbound and NSD

NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.

Action-Not Available
Vendor-nlnetlabsNLnet LabsDebian GNU/Linux
Product-unboundname_server_daemondebian_linuxNSDUnbound
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2020-26570
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.31%
||
7 Day CHG~0.00%
Published-06 Oct, 2020 | 01:04
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.

Action-Not Available
Vendor-opensc_projectn/aDebian GNU/LinuxFedora Project
Product-debian_linuxfedoraopenscn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-27351
Matching Score-8
Assigner-Canonical Ltd.
ShareView Details
Matching Score-8
Assigner-Canonical Ltd.
CVSS Score-2||LOW
EPSS-0.06% / 18.19%
||
7 Day CHG~0.00%
Published-10 Dec, 2020 | 04:05
Updated-16 Sep, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Various memory and file descriptor leaks in apt-python

Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prior to 1.1.0~beta1ubuntu0.16.04.10; 1.6.5ubuntu0 versions prior to 1.6.5ubuntu0.4; 2.0.0ubuntu0 versions prior to 2.0.0ubuntu0.20.04.2; 2.1.3ubuntu1 versions prior to 2.1.3ubuntu1.1;

Action-Not Available
Vendor-Canonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxadvanced_package_tooldebian_linuxpython-apt
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2020-26572
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.31%
||
7 Day CHG~0.00%
Published-06 Oct, 2020 | 01:03
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.

Action-Not Available
Vendor-opensc_projectn/aDebian GNU/LinuxFedora Project
Product-debian_linuxfedoraopenscn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-26571
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.00%
||
7 Day CHG~0.00%
Published-06 Oct, 2020 | 01:04
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.

Action-Not Available
Vendor-opensc_projectn/aDebian GNU/LinuxFedora Project
Product-debian_linuxfedoraopenscn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-25742
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.2||LOW
EPSS-0.04% / 12.31%
||
7 Day CHG~0.00%
Published-06 Oct, 2020 | 14:18
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-25743
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.2||LOW
EPSS-0.04% / 12.31%
||
7 Day CHG~0.00%
Published-06 Oct, 2020 | 14:15
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.
Product-openstack_platformqemuenterprise_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-25650
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 36.61%
||
7 Day CHG~0.00%
Published-25 Nov, 2020 | 14:35
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest user with access to the UNIX domain socket path `/run/spice-vdagentd/spice-vdagent-sock` could use this flaw to perform a memory denial of service for spice-vdagentd or even other processes in the VM system. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and previous versions.

Action-Not Available
Vendor-spice-spacen/aDebian GNU/LinuxFedora Project
Product-spice-vdagentdebian_linuxfedoraspice-vdagent
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2020-25723
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-3.2||LOW
EPSS-0.02% / 2.21%
||
7 Day CHG~0.00%
Published-02 Dec, 2020 | 00:52
Updated-04 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemuQEMU
CWE ID-CWE-617
Reachable Assertion
CVE-2020-24352
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.14% / 34.26%
||
7 Day CHG~0.00%
Published-16 Oct, 2020 | 05:05
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2009-1186
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.09% / 25.81%
||
7 Day CHG~0.00%
Published-17 Apr, 2009 | 14:00
Updated-07 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.

Action-Not Available
Vendor-udev_projectn/aSUSEDebian GNU/LinuxFedora ProjectopenSUSECanonical Ltd.
Product-ubuntu_linuxlinux_enterprise_serverdebian_linuxopensusefedoralinux_enterprise_debuginfoudevlinux_enterprise_desktopn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-1983
Matching Score-8
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-8
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.78%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 19:30
Updated-16 Sep, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libslirp: use after free vulnerability cause a denial of service.

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.

Action-Not Available
Vendor-libslirp_projectslirpCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoralibslirpleaplibslirp
CWE ID-CWE-416
Use After Free
CVE-2020-18442
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.06% / 17.94%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 14:25
Updated-10 Jul, 2025 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".

Action-Not Available
Vendor-gdraheimn/aFedora ProjectDebian GNU/Linux
Product-zziplibfedoradebian_linuxn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2020-15563
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 8.88%
||
7 Day CHG~0.00%
Published-07 Jul, 2020 | 12:23
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A malicious or buggy HVM guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Xen versions from 4.8 onwards are affected. Xen versions 4.7 and earlier are not affected. Only x86 systems are affected. Arm systems are not affected. Only x86 HVM guests using shadow paging can leverage the vulnerability. In addition, there needs to be an entity actively monitoring a guest's video frame buffer (typically for display purposes) in order for such a guest to be able to leverage the vulnerability. x86 PV guests, as well as x86 HVM guests using hardware assisted paging (HAP), cannot leverage the vulnerability.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxopenSUSEXen Project
Product-xendebian_linuxfedoraleapn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-15305
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 33.23%
||
7 Day CHG~0.00%
Published-26 Jun, 2020 | 00:38
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.

Action-Not Available
Vendor-openexrn/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoraopenexrleapn/a
CWE ID-CWE-416
Use After Free
CVE-2020-15859
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.03% / 5.39%
||
7 Day CHG~0.00%
Published-21 Jul, 2020 | 15:25
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-416
Use After Free
CVE-2020-15306
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 36.19%
||
7 Day CHG~0.00%
Published-26 Jun, 2020 | 00:38
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.

Action-Not Available
Vendor-openexrn/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoraopenexrleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15393
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.73%
||
7 Day CHG-0.00%
Published-29 Jun, 2020 | 21:58
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found