6 matches found
openSUSE Security Update : kvm (kvm-1545)
This update of QEMU KVM fixes the following bugs : - CVE-2009-3616: CVSS v2 Base Score: 8.5 use-after-free bug in VNC code which might be used to execute code on the host system injected from the guest system - CVE-2009-3638: CVSS v2 Base Score: 7.2 integer overflow in kvmdevioctlgetsupportedcpui...
SLES11: Security update for KVM
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: kvm kvm-kmp-default kvm-kmp-pae More details may also be found by searching for the SuSE Enterprise Server 11 patch database linked in the references...
SuSE 11 Security Update : KVM (SAT Patch Number 1553)
This update of QEMU KVM fixes the following bugs : - use-after-free bug in VNC code which might be used to execute code on the host system injected from the guest system. CVE-2009-3616: CVSS v2 Base Score: 8.5 - integer overflow in kvmdevioctlgetsupportedcpuid. CVE-2009-3638: CVSS v2 Base Score:...
openSUSE Security Update : kvm (kvm-1547)
This update of QEMU KVM fixes the following bugs : - CVE-2009-3616: CVSS v2 Base Score: 8.5 use-after-free bug in VNC code which might be used to execute code on the host system injected from the guest system - CVE-2009-3638: CVSS v2 Base Score: 7.2 integer overflow in kvmdevioctlgetsupportedcpui...
openSUSE Security Update : qemu (qemu-1537)
The VNC server of qemu was vulnerable to use-after-free bugs, that allowed the execution of code on the host system initiated from the guest system. This can be used to escape from the guest machine to the host machine. CVE-2009-3616: CVSS v2 Base Score: 8.5 %NASLMINLEVEL 70300 C Tenable Network...
CVE-2009-3616
CVE-2009-3616 covers multiple use-after-free vulnerabilities in the VNC server (vnc.c) of QEMU/KVM before 0.10.6. The VNC server could allow a guest OS user to execute arbitrary code on the host by (1) disconnecting during data transfer, (2) sending data with incorrect integer types, or (3) using...