Heap-based buffer overflow in QEMU when built with the
Q35-chipset-based PC system emulator
CVE-2016-2198
Null pointer dereference in ehci_caps_write in the USB EHCI support
that may result in denial of service
CVE-2016-6833
Use after free while writing in the vmxnet3 device that could be used
to cause a denial of service
CVE-2016-6835
Buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device
that could result in denial of service
CVE-2016-8576
Infinite loop vulnerability in xhci_ring_fetch in the USB xHCI support
CVE-2016-8667 / CVE-2016-8669
Divide by zero errors in set_next_tick in the JAZZ RC4030 chipset
emulator, and in serial_update_parameters of some serial devices, that
could result in denial of service
CVE-2016-9602
Improper link following with VirtFS
CVE-2016-9603
Heap buffer overflow via vnc connection in the Cirrus CLGD 54xx VGA
emulator support
CVE-2016-9776
Infinite loop while receiving data in the ColdFire Fast Ethernet
Get the latest Linux and open source security news straight to your inbox.