17 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-6399
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm...
Mageia: Security Advisory (MGASA-2014-0426)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Memory Corruption
KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...
Arbitrary Code Execution
KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...
Arbitrary Code Execution
KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...
RHEL 6 : qemu-kvm-rhev (RHSA-2014:0744)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0744 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provid...
RHEL 6 : rhev-hypervisor6 3.4.0 (RHSA-2014:0674)
Updated rhev-hypervisor6 packages that fix multiple security issues, several bugs, and add various enhancements are now available. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...
CVE-2013-6399
Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...
CVE-2013-6399
Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...
CVE-2013-6399
CVE-2013-6399 affects QEMU prior to 1.7.2, due to an array index error in virtio_load (hw/virtio/virtio.c) that can allow remote code execution via a crafted savevm image. Remediation per description is to update to a fixed version (QEMU 1.7.2 or newer). Technical details in connected docs are li...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix multiple security issues are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...
Ubuntu: Security Advisory (USN-2342-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2342-1: QEMU vulnerabilities
Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,...
RedHat Update for qemu-kvm RHSA-2014:0927-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : qemu-kvm (ELSA-2014-0927)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0927 advisory. - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z -...
qemu-kvm security and bug fix update
1.5.3-60.el70.5 - kvm-Allow-mismatched-virtio-config-len.patch bz1095782 - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z 1.5.3-60.el70.4 - kvm-zero-initialize-KVMSETGSIROUTING-input.patch bz1110693 -...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Virtualization. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...