11 matches found
Arbitrary Code Execution
QEMU is vulnerable to arbitray code execution. A local guest user is able to write arbitrary data outside of VRAM-allocated buffer boundaries in the host's application address space due to insufficient checks in the Cirrus blit region, leading to execution of arbitrary code...
qemu security update
CentOS Errata and Security Advisory CESA-2015:0867 An updated qemu-kvm package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS...
Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20150421)
It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM- allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. CVE-2014-8106 This update also fixes the following bug : -...
Important: Red Hat Security Advisory: qemu-kvm security and bug fix update
An updated qemu-kvm package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
qemu: cirrus: insufficient blit region checks
It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data...
Oracle Linux 7 : qemu-kvm (ELSA-2015-0349)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0349 advisory. - Resolves: bz1169456 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-7.1 - Resolves: bz1163078 CVE-2014-7840 qemu-kvm: qemu...
RedHat Update for qemu-kvm RHSA-2015:0349-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
qemu: cirrus: insufficient blit region checks
It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data...
Important: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base scor...
Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update
Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...
qemu: cirrus: insufficient blit region checks
It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data...