20 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-2894
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART...
Arbitrary Code Execution
KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the wa...
Gentoo Security Advisory GLSA 201408-17
Gentoo Linux Local Security Checks GLSA 201408-17 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Fedora Update for qemu FEDORA-2014-14033
Check the version of qemu SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868474";...
RHEL 6 : qemu-kvm-rhev (RHSA-2014:0744)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0744 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provid...
Fedora Update for qemu FEDORA-2014-11641
Check the version of qemu SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868371";...
RHEL 7 : qemu-kvm (RHSA-2014:0704)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:0704 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide a user-spac...
Fedora Update for qemu FEDORA-2014-8183
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for qemu-kvm RHSA-2014:0704-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 6 : qemu-kvm (ELSA-2014-0743)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0743 advisory. 0.12.1.2-2.415.el65.10 - kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch bz1095692 -...
qemu-kvm security and bug fix update
0.12.1.2-2.415.el65.10 - kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch bz1095692 - kvm-usb-sanity-check-setupindex-setuplen-in-postload.patch bz1095743 - kvm-usb-sanity-check-setupindex-setuplen-in-postload-2.patch bz1095743 -...
[SECURITY] [DSA 2932-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2932-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 19, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2932-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2932-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 19, 2014 http://www.debian.org/security/faq -...
Fedora Update for qemu FEDORA-2014-5825
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for qemu FEDORA-2014-5825
Check for the Version of qemu OpenVAS Vulnerability Test Fedora Update for qemu FEDORA-2014-5825 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora 20 : qemu-1.6.2-4.fc20 (2014-5825)
Fix arm sd warnings with latest kernel bz 1091548 - Fix regression in CVE backport that affects openstack thanks lbezdick - Fix guest startup crashes from autotest bz 1081610 - Block/image format validation CVE-2014-0142 - 2014-0148 bz 1078201, bz 1086710, bz 1079140, bz 1086724, bz 1079240, bz...
Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2182-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2182-1 advisory. Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or...
USN-2182-1: QEMU vulnerabilities
Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. This issue only applied to Ubuntu 13.10 and Ubuntu 14.04 LTS. CVE-2013-4544 Michael S. Tsirkin...
CVE-2014-2894
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
CVE-2014-2894
CVE-2014-2894 affects QEMU prior to 2.0, due to an off-by-one error in the cmd_smart function of the smart self test (hw/ide/core.c) that can trigger a buffer underflow and memory corruption via SMART EXECUTE OFFLINE. Local users are potentially affected; remediation is to upgrade to patched QEMU...