30 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-7815
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The setpixelformat function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service crash via a small bytesperpixel value. CVE-2014-7815 Note...
SUSE: Security Advisory (SUSE-SU-2016:1445-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
The Mutiny Fuzzing Framework and Decept Proxy
This blog post is authored by James Spadaro of Cisco ASIG and Lilith Wyatt of Cisco Talos. Imagine a scenario where you, as a vulnerability researcher, are tasked with auditing a network application to identify vulnerabilities. By itself, the task may not seem too daunting until you learn of a...
SUSE SLES10 Security Update : Xen (SUSE-SU-2016:1445-1)
Xen was updated to fix the following security issues : CVE-2016-2841: net: ne2000: infinite loop in ne2000receive bsc969351 CVE-2016-2391: usb: multiple eoftimers in ohci module leads to NULL pointer dereference bsc967101 CVE-2016-2270: x86: inconsistent cachability flags on guest mappings XSA-15...
SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2016:0955-1)
xen was updated to fix 47 security issues. These security issues were fixed : - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers bnc864673. - CVE-2013-4529: Buffer overflow in hw/pci/pcieaer...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2015:1782-1)
qemu was updated to fix several security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-5154: Heap-based buffer overflow in the IDE subsystem in QEMU, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecifi...
Oracle: Security Advisory (ELSA-2015-0349)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201412-01
Gentoo Linux Local Security Checks GLSA 201412-01 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Oracle Linux 7 : qemu-kvm (ELSA-2015-0349)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0349 advisory. - Resolves: bz1169456 CVE-2014-8106 qemu-kvm: qemu: cirrus: insufficient blit region checks rhel-7.1 - Resolves: bz1163078 CVE-2014-7840 qemu-kvm: qemu...
RedHat Update for qemu-kvm RHSA-2015:0349-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : qemu-kvm-rhev (RHSA-2015:0624)
Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...
Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update
Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring Syste...
Important: Red Hat Security Advisory: qemu-kvm security, bug fix, and enhancement update
Updated qemu-kvm packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...
GLSA-201412-01 : QEMU: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201412-01 QEMU: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker could cause a Denial of Service...
QEMU vnc set_pixel_format bits_per_pixel Null Pointer Dereference (CVE-2014-7815)
A null pointer dereference vulnerability has been found in QEMU vnc. The vulnerability is due to insufficient checking of an initialized buffer. A remote attacker could exploit this vulnerability by setting bitsperpixel to a value that is less than 8. Successful exploitation could lead to a denia...
CVE-2014-7815
CVE-2014-7815 affects the QEMU component: the function set_pixel_format in ui/vnc.c can be triggered remotely to crash the QEMU process (DoS) by sending a small value for bytes_per_pixel. The vulnerability is explicitly documented in multiple advisories and patches were issued in openSUSE/SUSE se...
Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2409-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2409-1 advisory. Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host...
Fedora Update for qemu FEDORA-2014-14033
Check the version of qemu SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868474";...
Fedora 20 : qemu-1.6.2-10.fc20 (2014-14033)
CVE-2014-7815 vnc: insufficient bitsperpixel from the client sanitization bz 1157647, bz 1157641 - CVE-2014-3689 vmwarevga: insufficient parameter validation in rectangle functions bz 1153038, bz 1153035 Note that Tenable Network Security has extracted the preceding description block directly...
[SECURITY] [DSA 3066-1] qemu security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3066-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 06, 2014 http://www.debian.org/security/faq -...