Linux Distros Unpatched Vulnerability : CVE-2017-10806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via...

SUSE CVE-2017-10806

Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...

SUSE: Security Advisory (SUSE-SU-2017:2963-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2019:14201-1 Security update for xen

This update for xen fixes the following issues: - CVE-2019-15890: Fixed a use-after-free in SLiRP networking implementation of QEMU emulator which could have led to Denial of Service bsc1149813. - CVE-2019-12068: Fixed an issue in lsi which could lead to an infinite loop and denial of service...

qemu security update

15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...

qemu security update

15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...

SUSE SLES11 Security Update : kvm (SUSE-SU-2017:3084-1)

This update for kvm fixes several issues. These security issues were fixed : - CVE-2017-2620: In CIRRUSBLTMODEMEMSYSSRC mode the bitblit copy routine cirrusbitbltcputovideo failed to check the memory region, allowing for an out-of-bounds write that allows for privilege escalation bsc1024972 -...

SUSE SLES11 Security Update : kvm (SUSE-SU-2017:2963-1)

This update for kvm fixes several issues. These security issues were fixed : - CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File System9pfs support was vulnerable to an improper link following issue which allowed a privileged user inside guest to access host file system beyond the...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2936-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c bsc1062942. - CVE-2017-9524: The qemu-nbd server when built with th...

SUSE SLES12 Security Update : xen (SUSE-SU-2017:2541-1)

This update for xen fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates...

openSUSE Security Update : qemu (openSUSE-2017-1072)

This update for qemu fixes the following issues : Security issues fixed : - CVE-2017-10664: Fix DOS vulnerability in qemu-nbd bsc1046636 - CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb redirection support bsc1047674 - CVE-2017-11334: Fix OOB access during DMA operation...

openSUSE: Security Advisory for qemu (openSUSE-SU-2017:2513-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES11 Security Update : xen (SUSE-SU-2017:2450-1)

This update for xen fixes several issues. These security issues were fixed : - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3414-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3414-1 advisory. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges insid...

SUSE-SU-2017:2450-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates ...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2416-1)

This update for qemu fixes the following issues: Security issues fixed : - CVE-2017-10664: Fix DOS vulnerability in qemu-nbd bsc1046636 - CVE-2017-10806: Fix DOS from stack overflow in debug messages of usb redirection support bsc1047674 - CVE-2017-11334: Fix OOB access during DMA operation...

SUSE-SU-2017:2319-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2017-12135: Unbounded recursion in grant table code allowed a malicious guest to crash the host or potentially escalate privileges/leak information XSA-226, bsc1051787. - CVE-2017-12137: Incorrectly-aligned updates ...

[SECURITY] [DSA 3925-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3925-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 04, 2017 https://www.debian.org/security/faq -...

CVE-2017-10806

Stack-based buffer overflow in hw/usb/redirect.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service QEMU process crash via vectors related to logging debug messages...