Vulnerabilities > Improper Release of Memory Before Removing Last Reference ('Memory Leak')

DATE CVE VULNERABILITY TITLE RISK
2017-03-16 CVE-2017-5857 Memory Leak vulnerability in Qemu
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.
local
low complexity
qemu CWE-401
6.5
2017-03-16 CVE-2017-5856 Memory Leak vulnerability in multiple products
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over 2 Gb.
local
low complexity
qemu debian CWE-401
6.5
2017-03-15 CVE-2017-5579 Memory Leak vulnerability in multiple products
Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
local
low complexity
qemu debian CWE-401
6.5
2017-03-15 CVE-2017-5578 Memory Leak vulnerability in Qemu
Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
local
low complexity
qemu CWE-401
6.5
2017-03-15 CVE-2017-5552 Memory Leak vulnerability in Qemu
Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.
local
low complexity
qemu CWE-401
6.5
2017-03-15 CVE-2017-5526 Memory Leak vulnerability in multiple products
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
local
low complexity
qemu debian CWE-401
6.5
2017-03-15 CVE-2017-5525 Memory Leak vulnerability in multiple products
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
local
low complexity
qemu debian CWE-401
6.5
2017-03-15 CVE-2016-10155 Memory Leak vulnerability in multiple products
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
local
low complexity
qemu debian CWE-401
6.0
2016-12-29 CVE-2016-9916 Memory Leak vulnerability in multiple products
Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.
local
low complexity
qemu debian CWE-401
6.5
2016-12-29 CVE-2016-9915 Memory Leak vulnerability in multiple products
Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.
local
low complexity
qemu debian CWE-401
6.5