Zuozhi Fzz

#12587of 53,633
21.5Total CVSS
Vulnerabilities · 4
Medium
4
PT-2016-5672
5.5
2016-05-09
Qemu · Qemu · CVE-2016-3712
**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** The issue is related to an integer overflow in the VGA module, allowing local guest OS users to cause a denial of service. This can be achieved by editing VGA registers in VBE mode, resulting in an out-of-bounds read and a crash of the QEMU process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2016-5151
5.0
2016-02-17
Qemu · Qemu · CVE-2016-2391
**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** The issue allows local guest OS administrators to cause a denial of service, resulting in a NULL pointer dereference and QEMU process crash. This is related to the ohci bus start function in the USB OHCI emulation support. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2016-5058
5.5
2016-02-03
Qemu · Qemu · CVE-2016-2197
**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** A null pointer dereference flaw exists in QEMU when built with IDE AHCI emulation support. This issue occurs during the unmapping of Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside the guest could exploit this flaw to crash the QEMU process instance, resulting in a denial of service (DoS). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2016-5059
5.5
2016-01-29
Qemu · Qemu · CVE-2016-2198
**Name of the Vulnerable Software and Affected Versions** QEMU (affected versions not specified) **Description** A null pointer dereference flaw exists in QEMU when built with USB EHCI emulation support. This issue can occur when an application attempts to write to EHCI capabilities registers, potentially allowing a privileged user inside a guest to crash the QEMU process instance, resulting in a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.