qemu-guest-agent vulnerabilities

Known vulnerabilities in the qemu-guest-agent package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Heap-based Buffer Overflow	<10:3.1.0-8.amzn2.0.17
H Improper Input Validation	<10:3.1.0-8.amzn2.0.17
H Double Free	<10:3.1.0-8.amzn2.0.16
M Incorrect Synchronization	<10:3.1.0-8.amzn2.0.15
M Heap-based Buffer Overflow	<10:3.1.0-8.amzn2.0.14
M Stack-based Buffer Overflow	<10:3.1.0-8.amzn2.0.13
L Access of Uninitialized Pointer	<10:3.1.0-8.amzn2.0.12
L Access of Uninitialized Pointer	<10:3.1.0-8.amzn2.0.12
L Access of Uninitialized Pointer	<10:3.1.0-8.amzn2.0.12
L Access of Uninitialized Pointer	<10:3.1.0-8.amzn2.0.12
M Improper Access Control	<10:3.1.0-8.amzn2.0.11
M Stack-based Buffer Overflow	<10:3.1.0-8.amzn2.0.11
M Loop with Unreachable Exit Condition ('Infinite Loop')	<10:3.1.0-8.amzn2.0.11
M Out-of-bounds Read	<10:3.1.0-8.amzn2.0.10
M Race Condition	<10:3.1.0-8.amzn2.0.10
M Off-by-one Error	<10:3.1.0-8.amzn2.0.10
M Allocation of Resources Without Limits or Throttling	<10:3.1.0-8.amzn2.0.10
M Use After Free	<10:3.1.0-8.amzn2.0.10
M NULL Pointer Dereference	<10:3.1.0-8.amzn2.0.10
L Loop with Unreachable Exit Condition ('Infinite Loop')	<10:3.1.0-8.amzn2.0.9
M Out-of-bounds Read	<10:3.1.0-8.amzn2.0.8
M Out-of-bounds Read	<10:3.1.0-8.amzn2.0.8
M Out-of-bounds Read	<10:3.1.0-8.amzn2.0.8
M Out-of-bounds Write	<10:3.1.0-8.amzn2.0.8
M Reachable Assertion	<10:3.1.0-8.amzn2.0.8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<10:3.1.0-8.amzn2.0.8
M Incorrect Calculation of Buffer Size	<10:3.1.0-8.amzn2.0.8
M Reachable Assertion	<10:3.1.0-8.amzn2.0.7
M Out-of-bounds Write	<10:3.1.0-8.amzn2.0.7
M Out-of-bounds Read	<10:3.1.0-8.amzn2.0.6
M Use After Free	<10:3.1.0-8.amzn2.0.6
H Out-of-bounds Read	<10:3.1.0-8.amzn2.0.5
H Memory Leak	<10:3.1.0-8.amzn2.0.5
M Use After Free	<10:3.1.0-8.amzn2.0.4
H Buffer Overflow	<10:3.1.0-8.amzn2.0.3
H Use of Uninitialized Resource	<10:3.1.0-8.amzn2.0.3
H Out-of-bounds Write	<10:3.1.0-8.amzn2.0.2
H Out-of-bounds Write	<10:3.1.0-8.amzn2.0.2
H Out-of-bounds Write	<10:3.1.0-8.amzn2.0.1
H Use of Uninitialized Resource	<10:3.1.0-7.amzn2.0.1
H NULL Pointer Dereference	<10:3.1.0-7.amzn2.0.1
H NULL Pointer Dereference	<10:3.1.0-7.amzn2.0.1
H Out-of-Bounds	<10:3.1.0-7.amzn2.0.1

Vulnerability

Vulnerable Version

Heap-based Buffer Overflow

<10:3.1.0-8.amzn2.0.17

Improper Input Validation

<10:3.1.0-8.amzn2.0.17

Double Free

<10:3.1.0-8.amzn2.0.16

Incorrect Synchronization

<10:3.1.0-8.amzn2.0.15

Heap-based Buffer Overflow

<10:3.1.0-8.amzn2.0.14