Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2016-05-26 CVE-2016-0718 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
9.8
2016-05-25 CVE-2016-4020 The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).
local
low complexity
qemu canonical debian redhat
6.5
2016-05-23 CVE-2016-4037 Resource Exhaustion vulnerability in multiple products
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.
local
low complexity
fedoraproject canonical qemu debian CWE-400
6.0
2016-05-23 CVE-2016-4001 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large packet.
network
low complexity
qemu canonical fedoraproject debian CWE-120
8.6
2016-05-23 CVE-2015-8558 Infinite Loop vulnerability in multiple products
The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.
local
low complexity
qemu debian CWE-835
5.5
2016-05-23 CVE-2016-4578 Information Exposure vulnerability in multiple products
sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.
local
low complexity
linux canonical debian redhat opensuse CWE-200
5.5
2016-05-23 CVE-2016-4565 Permissions, Privileges, and Access Controls vulnerability in multiple products
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
local
low complexity
linux canonical debian CWE-264
7.8
2016-05-22 CVE-2016-4544 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data.
network
low complexity
php opensuse fedoraproject debian CWE-119
critical
9.8
2016-05-20 CVE-2016-4441 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command.
local
low complexity
qemu canonical debian CWE-119
6.0
2016-05-20 CVE-2016-4439 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors.
local
low complexity
canonical qemu debian CWE-119
6.7