usn-3575-1
Vulnerability from osv_ubuntu
Published
2018-02-20 19:12
Modified
2026-02-10 04:41
Summary
qemu vulnerabilities
Details

It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-11334)

David Buchanan discovered that QEMU incorrectly handled the VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 17.10. (CVE-2017-13672)

Thomas Garnier discovered that QEMU incorrectly handled multiboot. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-14167)

Tuomas Tynkkynen discovered that QEMU incorrectly handled VirtFS directory sharing. An attacker could use this issue to obtain sensitive information from host memory. (CVE-2017-15038)

Eric Blake discovered that QEMU incorrectly handled memory in the NBD server. An attacker could use this issue to cause the NBD server to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10. (CVE-2017-15118)

Eric Blake discovered that QEMU incorrectly handled certain options to the NBD server. An attacker could use this issue to cause the NBD server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15119)

Daniel Berrange discovered that QEMU incorrectly handled the VNC server. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. This issue was only addressed in Ubuntu 17.10. (CVE-2017-15124)

Carl Brassey discovered that QEMU incorrectly handled certain websockets. A remote attacker could possibly use this issue to consume memory, resulting in a denial of service. This issue only affected Ubuntu 17.10. (CVE-2017-15268)

Guoxiang Niu discovered that QEMU incorrectly handled the Cirrus VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2017-15289)

Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2017-16845)

It was discovered that QEMU incorrectly handled the Virtio Vring implementation. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2017-17381)

Eric Blake discovered that QEMU incorrectly handled certain rounding operations. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-18043)

Jiang Xin and Lin ZheCheng discovered that QEMU incorrectly handled the VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. (CVE-2018-5683)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2017-14167",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-15038",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-15289",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-18043",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-5683",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:14.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "qemu",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-common",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-guest-agent",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-keymaps",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-kvm",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system-aarch64",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system-arm",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system-common",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system-mips",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system-misc",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system-ppc",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system-sparc",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-system-x86",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-user",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-user-static",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          },
          {
            "binary_name": "qemu-utils",
            "binary_version": "2.0.0+dfsg-2ubuntu1.39"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:14.04:LTS",
        "name": "qemu",
        "purl": "pkg:deb/ubuntu/qemu@2.0.0+dfsg-2ubuntu1.39?arch=source\u0026distro=trusty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.0+dfsg-2ubuntu1.39"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.5.0+dfsg-3ubuntu5",
        "1.5.0+dfsg-3ubuntu6",
        "1.6.0+dfsg-2ubuntu1",
        "1.6.0+dfsg-2ubuntu2",
        "1.6.0+dfsg-2ubuntu3",
        "1.6.0+dfsg-2ubuntu4",
        "1.7.0+dfsg-2ubuntu1",
        "1.7.0+dfsg-2ubuntu2",
        "1.7.0+dfsg-2ubuntu3",
        "1.7.0+dfsg-2ubuntu4",
        "1.7.0+dfsg-2ubuntu5",
        "1.7.0+dfsg-2ubuntu7",
        "1.7.0+dfsg-2ubuntu8",
        "1.7.0+dfsg-2ubuntu9",
        "1.7.0+dfsg-3ubuntu1~ppa1",
        "1.7.0+dfsg-3ubuntu1",
        "1.7.0+dfsg-3ubuntu2",
        "1.7.0+dfsg-3ubuntu3",
        "1.7.0+dfsg-3ubuntu4",
        "1.7.0+dfsg-3ubuntu5",
        "1.7.0+dfsg-3ubuntu6",
        "1.7.0+dfsg-3ubuntu7",
        "2.0.0~rc1+dfsg-0ubuntu1",
        "2.0.0~rc1+dfsg-0ubuntu2",
        "2.0.0~rc1+dfsg-0ubuntu3",
        "2.0.0~rc1+dfsg-0ubuntu3.1",
        "2.0.0+dfsg-2ubuntu1",
        "2.0.0+dfsg-2ubuntu1.1",
        "2.0.0+dfsg-2ubuntu1.2",
        "2.0.0+dfsg-2ubuntu1.3",
        "2.0.0+dfsg-2ubuntu1.5",
        "2.0.0+dfsg-2ubuntu1.6",
        "2.0.0+dfsg-2ubuntu1.7",
        "2.0.0+dfsg-2ubuntu1.8",
        "2.0.0+dfsg-2ubuntu1.9",
        "2.0.0+dfsg-2ubuntu1.10",
        "2.0.0+dfsg-2ubuntu1.11",
        "2.0.0+dfsg-2ubuntu1.13",
        "2.0.0+dfsg-2ubuntu1.14",
        "2.0.0+dfsg-2ubuntu1.15",
        "2.0.0+dfsg-2ubuntu1.16",
        "2.0.0+dfsg-2ubuntu1.17",
        "2.0.0+dfsg-2ubuntu1.18",
        "2.0.0+dfsg-2ubuntu1.19",
        "2.0.0+dfsg-2ubuntu1.20",
        "2.0.0+dfsg-2ubuntu1.21",
        "2.0.0+dfsg-2ubuntu1.22",
        "2.0.0+dfsg-2ubuntu1.24",
        "2.0.0+dfsg-2ubuntu1.25",
        "2.0.0+dfsg-2ubuntu1.26",
        "2.0.0+dfsg-2ubuntu1.27",
        "2.0.0+dfsg-2ubuntu1.28",
        "2.0.0+dfsg-2ubuntu1.29",
        "2.0.0+dfsg-2ubuntu1.30",
        "2.0.0+dfsg-2ubuntu1.31",
        "2.0.0+dfsg-2ubuntu1.32",
        "2.0.0+dfsg-2ubuntu1.33",
        "2.0.0+dfsg-2ubuntu1.34",
        "2.0.0+dfsg-2ubuntu1.35",
        "2.0.0+dfsg-2ubuntu1.36",
        "2.0.0+dfsg-2ubuntu1.38"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2017-14167",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-15038",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-15119",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-15289",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-16845",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-17381",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2017-18043",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-5683",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "qemu",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-block-extra",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-guest-agent",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-kvm",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-aarch64",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-arm",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-common",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-mips",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-misc",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-ppc",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-s390x",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-sparc",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-system-x86",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-user",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-user-binfmt",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-user-static",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          },
          {
            "binary_name": "qemu-utils",
            "binary_version": "1:2.5+dfsg-5ubuntu10.22"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "qemu",
        "purl": "pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.22?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:2.5+dfsg-5ubuntu10.22"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1:2.3+dfsg-5ubuntu9",
        "1:2.3+dfsg-5ubuntu10",
        "1:2.4+dfsg-4ubuntu1",
        "1:2.4+dfsg-4ubuntu2",
        "1:2.4+dfsg-4ubuntu3",
        "1:2.4+dfsg-5ubuntu3",
        "1:2.5+dfsg-1ubuntu2",
        "1:2.5+dfsg-1ubuntu3",
        "1:2.5+dfsg-1ubuntu4",
        "1:2.5+dfsg-1ubuntu5",
        "1:2.5+dfsg-5ubuntu1",
        "1:2.5+dfsg-5ubuntu2",
        "1:2.5+dfsg-5ubuntu4",
        "1:2.5+dfsg-5ubuntu6",
        "1:2.5+dfsg-5ubuntu7",
        "1:2.5+dfsg-5ubuntu10",
        "1:2.5+dfsg-5ubuntu10.1",
        "1:2.5+dfsg-5ubuntu10.2",
        "1:2.5+dfsg-5ubuntu10.3",
        "1:2.5+dfsg-5ubuntu10.4",
        "1:2.5+dfsg-5ubuntu10.5",
        "1:2.5+dfsg-5ubuntu10.6",
        "1:2.5+dfsg-5ubuntu10.7",
        "1:2.5+dfsg-5ubuntu10.8",
        "1:2.5+dfsg-5ubuntu10.9",
        "1:2.5+dfsg-5ubuntu10.10",
        "1:2.5+dfsg-5ubuntu10.11",
        "1:2.5+dfsg-5ubuntu10.13",
        "1:2.5+dfsg-5ubuntu10.14",
        "1:2.5+dfsg-5ubuntu10.15",
        "1:2.5+dfsg-5ubuntu10.16",
        "1:2.5+dfsg-5ubuntu10.20",
        "1:2.5+dfsg-5ubuntu10.21"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that QEMU incorrectly handled guest ram. A privileged\nattacker inside the guest could use this issue to cause QEMU to crash,\nresulting in a denial of service. This issue only affected Ubuntu 14.04 LTS\nand Ubuntu 16.04 LTS. (CVE-2017-11334)\n\nDavid Buchanan discovered that QEMU incorrectly handled the VGA device. A\nprivileged attacker inside the guest could use this issue to cause QEMU to\ncrash, resulting in a denial of service. This issue was only addressed in\nUbuntu 17.10. (CVE-2017-13672)\n\nThomas Garnier discovered that QEMU incorrectly handled multiboot. An\nattacker could use this issue to cause QEMU to crash, resulting in a denial\nof service, or possibly execute arbitrary code on the host. In the default\ninstallation, when QEMU is used with libvirt, attackers would be isolated\nby the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS\nand Ubuntu 16.04 LTS. (CVE-2017-14167)\n\nTuomas Tynkkynen discovered that QEMU incorrectly handled VirtFS directory\nsharing. An attacker could use this issue to obtain sensitive information\nfrom host memory. (CVE-2017-15038)\n\nEric Blake discovered that QEMU incorrectly handled memory in the\nNBD server. An attacker could use this issue to cause the NBD server to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n17.10. (CVE-2017-15118)\n\nEric Blake discovered that QEMU incorrectly handled certain options to the\nNBD server. An attacker could use this issue to cause the NBD server to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15119)\n\nDaniel Berrange discovered that QEMU incorrectly handled the VNC server. A\nremote attacker could possibly use this issue to consume memory, resulting\nin a denial of service. This issue was only addressed in Ubuntu 17.10.\n(CVE-2017-15124)\n\nCarl Brassey discovered that QEMU incorrectly handled certain websockets. A\nremote attacker could possibly use this issue to consume memory, resulting\nin a denial of service. This issue only affected Ubuntu 17.10.\n(CVE-2017-15268)\n\nGuoxiang Niu discovered that QEMU incorrectly handled the Cirrus VGA\ndevice. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service. (CVE-2017-15289)\n\nCyrille Chatras discovered that QEMU incorrectly handled certain PS2 values\nduring migration. An attacker could possibly use this issue to cause QEMU\nto crash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10.\n(CVE-2017-16845)\n\nIt was discovered that QEMU incorrectly handled the Virtio Vring\nimplementation. An attacker could possibly use this issue to cause QEMU to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n16.04 LTS and Ubuntu 17.10. (CVE-2017-17381)\n\nEric Blake discovered that QEMU incorrectly handled certain rounding\noperations. An attacker could possibly use this issue to cause QEMU to\ncrash, resulting in a denial of service. This issue only affected Ubuntu\n14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-18043)\n\nJiang Xin and Lin ZheCheng discovered that QEMU incorrectly handled the\nVGA device. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service. (CVE-2018-5683)\n",
  "id": "USN-3575-1",
  "modified": "2026-02-10T04:41:16Z",
  "published": "2018-02-20T19:12:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-3575-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-11334"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-13672"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-14167"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-15038"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-15118"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-15119"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-15124"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-15268"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-15289"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-16845"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-17381"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2017-18043"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-5683"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "qemu vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2017-11334",
    "UBUNTU-CVE-2017-13672",
    "UBUNTU-CVE-2017-14167",
    "UBUNTU-CVE-2017-15038",
    "UBUNTU-CVE-2017-15118",
    "UBUNTU-CVE-2017-15119",
    "UBUNTU-CVE-2017-15124",
    "UBUNTU-CVE-2017-15268",
    "UBUNTU-CVE-2017-15289",
    "UBUNTU-CVE-2017-16845",
    "UBUNTU-CVE-2017-17381",
    "UBUNTU-CVE-2017-18043",
    "UBUNTU-CVE-2018-5683"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…