17 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-4151
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers...
SUSE CVE-2013-4151
The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...
Mageia: Security Advisory (MGASA-2014-0426)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Memory Corruption
KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...
Arbitrary Code Execution
KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...
Arbitrary Code Execution
KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...
RHEL 6 : qemu-kvm-rhev (RHSA-2014:0744)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0744 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provid...
RHEL 6 : rhev-hypervisor6 3.4.0 (RHSA-2014:0674)
Updated rhev-hypervisor6 packages that fix multiple security issues, several bugs, and add various enhancements are now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
CVE-2013-4151
The virtioload function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write...
CVE-2013-4151
The vulnerability CVE-2013-4151 affects QEMU 1.x before 1.7.2, where the virtio_load path in virtio/virtio.c can be triggered by a crafted savevm image. This leads to an out-of-bounds write, enabling remote code execution on the host when a guest state is loaded. Root cause: insufficient validati...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix multiple security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...
Ubuntu: Security Advisory (USN-2342-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2342-1: QEMU vulnerabilities
Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,...
RedHat Update for qemu-kvm RHSA-2014:0927-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : qemu-kvm (ELSA-2014-0927)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0927 advisory. - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z -...
qemu-kvm security and bug fix update
1.5.3-60.el70.5 - kvm-Allow-mismatched-virtio-config-len.patch bz1095782 - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z 1.5.3-60.el70.4 - kvm-zero-initialize-KVMSETGSIROUTING-input.patch bz1110693 -...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Virtualization. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...