19 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-13361
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In QEMU 5.0.0 and earlier, es1370transferaudio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an...
BELL-CVE-2020-13361 CVE-2020-13361 does not affect BellSoft software
Bulletin has no description...
Ubuntu: Security Advisory (USN-4467-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2021-2855)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:14704-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:1305-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1455)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-13361 affecting package qemu-kvm 4.2.0-48
CVE-2020-13361 affecting package qemu-kvm 4.2.0-48. A patched version of the package is available...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2020-2320)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4467-1: QEMU vulnerabilities
Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS...
openSUSE Security Update : qemu (openSUSE-2020-1108)
This update for qemu to version 4.2.1 fixes the following issues : - CVE-2020-10761: Fixed a denial of service in Network Block Device nbd support infrastructure bsc1172710. - CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation bsc1172495. - CVE-2020-13659: Fixed a NULL...
openSUSE: Security Advisory for qemu (openSUSE-SU-2020:1108-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:2015-1)
This update for qemu to version 4.2.1 fixes the following issues : CVE-2020-10761: Fixed a denial of service in Network Block Device nbd support infrastructure bsc1172710. CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation bsc1172495. CVE-2020-13659: Fixed a NULL pointer...
Debian: Security Advisory (DLA-2288-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4728-1 : qemu - security update
Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4728. The text itself is copyright C...
[SECURITY] [DSA 4728-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4728-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 19, 2020 https://www.debian.org/security/faq -...
[SECURITY] [DLA 2262-1] qemu security update
Package : qemu Version : 1:2.1+dfsg-12+deb8u15 CVE ID : CVE-2020-1983 CVE-2020-13361 CVE-2020-13362 CVE-2020-13765 Debian Bug : Several vulnerabilities were fixed in qemu, a fast processor emulator. CVE-2020-1983 slirp: Fix use-after-free in ipreass. CVE-2020-13361 es1370transferaudio in...
CVE-2020-13361
CVE-2020-13361 affects QEMU: es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, allowing guest OS users to trigger an out-of-bounds access during an es1370_write() on QEMU 5.0.0 and earlier. The issue is documented across multiple advisories and vendor response...
CVE-2020-13361
An out-of bounds access flaw was found in the ES1370 audio device emulator of the QEMU. This flaw occurs in the 'audiopcmswread', while reading an audio byte stream from a channel if the channel frame count is set to a malicious value. A guest user or process may use this flaw to crash the QEMU...