Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Leap
(Opensuse)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-11-04 | CVE-2016-8910 | The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count. | Debian_linux, Leap, Qemu, Openstack, Virtualization | 6.0 | ||
| 2016-12-09 | CVE-2016-9105 | Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object. | Debian_linux, Leap, Qemu | 6.0 | ||
| 2016-12-09 | CVE-2016-9106 | Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. | Debian_linux, Leap, Qemu | 6.0 | ||
| 2016-12-10 | CVE-2016-7422 | The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value. | Leap, Qemu, Openstack, Virtualization | 6.0 | ||
| 2016-12-10 | CVE-2016-7170 | The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[] array sizes when processing a DEFINE_CURSOR svga command. | Debian_linux, Leap, Qemu | 4.4 | ||
| 2016-12-10 | CVE-2016-7466 | Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly unplugging a USB device. | Leap, Qemu, Openstack, Virtualization | 6.0 | ||
| 2016-12-10 | CVE-2016-7995 | Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes. | Leap, Qemu | 6.0 | ||
| 2018-04-18 | CVE-2018-1088 | A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client allowed to mount gluster volumes could also mount shared gluster storage volume and escalate privileges by scheduling malicious cronjob via symlink. | Debian_linux, Leap, Enterprise_linux_server, Gluster_storage, Virtualization, Virtualization_host | 8.1 | ||
| 2018-07-06 | CVE-2018-10892 | The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness. | Docker, Moby, Leap, Enterprise_linux, Enterprise_linux_server, Openstack | 5.3 | ||
| 2018-07-30 | CVE-2016-9597 | It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705. | Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Leap, Libxml2 | 7.5 |