Lucene search

Veracode Vulnerability DatabaseVERACODE:26982

HistorySep 21, 2020 - 6:28 a.m.

Denial Of Service (DoS)

2020-09-2106:28:34

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

26.7%

JSON

qemu is vulnerable to denial of service (DoS). The vulnerability exists in hw/scsi/vmw_pvscsi.c when local guest OS privileged users can cause a denial of service (infinite loop and CPU consumption) via the message ring page count.

CPENameOperatorVersion
qemu:xenialeq1:2.5+dfsg-5ubuntu10
qemu:xenialeq1:2.5+dfsg-5ubuntu10

CPE	Name	Operator	Version
	qemu:xenial	eq	1:2.5+dfsg-5ubuntu10
	qemu:xenial	eq	1:2.5+dfsg-5ubuntu10

References

www.openwall.com/lists/oss-security/2017/04/26/5

www.securityfocus.com/bid/98015

bugzilla.redhat.com/show_bug.cgi?id=1445621

lists.debian.org/debian-lts-announce/2018/09/msg00007.html

lists.gnu.org/archive/html/qemu-devel/2017-04/msg04578.html

security.gentoo.org/glsa/201706-03

0.001 Low

EPSS

Percentile

26.7%

JSON

Related for VERACODE:26982