Your submission was sent successfully! Close

CVE-2017-8379

Published: 3 May 2017

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
precise Does not exist

trusty Not vulnerable
(code not present)
upstream Needs triage

xenial
Released (1:2.5+dfsg-5ubuntu10.14)
yakkety
Released (1:2.6.1+dfsg-0ubuntu5.5)
zesty
Released (1:2.8+dfsg-3ubuntu2.2)
Patches:
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=fa18f36a461984eae50ab957e47ec78dae3c14fc
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=05c6638b203fd7d8bbfa88ac6e6198e32ed0506f
qemu-kvm
Launchpad, Ubuntu, Debian
precise Not vulnerable
(code not present)
trusty Does not exist

upstream Needs triage

xenial Does not exist

yakkety Does not exist

zesty Does not exist