Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:28 a.m.31 views

Security Bulletin: PowerKVM is affected by a qemu vulnerability (CVE-2014-9718)

Summary PowerKVM is affected by a qemu vulnerability. Vulnerability Details CVEID: CVE-2014-9718 DESCRIPTION: QEMU is vulnerable to a denial of service, caused by the failure to restrict malicious PRDT data from flowing from a guest to the host's IDE or AHCI controllers. A remote attacker could...

4.9CVSS0.3AI score0.00407EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.34 views

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)

kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...

9.8CVSS7.4AI score0.06336EPSS
Exploits3References103
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.48 views

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)

kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...

9.8CVSS7.4AI score0.06336EPSS
Exploits3References103
Tenable Nessus
Tenable Nessus
added 2016/04/07 12:0 a.m.36 views

SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2016:0955-1)

xen was updated to fix 47 security issues. These security issues were fixed : - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers bnc864673. - CVE-2013-4529: Buffer overflow in hw/pci/pcieaer...

9CVSS7.8AI score0.0773EPSS
Exploits4References144
securityvulns
securityvulns
added 2015/08/31 12:0 a.m.100 views

[USN-2724-1] QEMU vulnerabilities

========================================================================== Ubuntu Security Notice USN-2724-1 August 27, 2015 qemu, qemu-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...

7.2CVSS0.9AI score0.13288EPSS
Exploits1
Ubuntu
Ubuntu
added 2015/08/27 12:0 p.m.70 views

USN-2724-1: QEMU vulnerabilities

It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-9718 Donghai Zhu discovered that QEMU...

9.3CVSS7.6AI score0.13288EPSS
Exploits1
Debian
Debian
added 2015/05/13 4:7 p.m.42 views

[SECURITY] [DSA 3259-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3259-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 13, 2015 http://www.debian.org/security/faq -...

8.6CVSS10AI score0.15275EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/05/13 12:0 a.m.41 views

Debian Security Advisory DSA 3259-1 (qemu - security update)

Several vulnerabilities were discovered in the qemu virtualisation solution: CVE-2014-9718 It was discovered that the IDE controller emulation is susceptible to denial of service. CVE-2015-1779 Daniel P. Berrange discovered a denial of service vulnerability in the VNC web socket decoder...

7.8CVSS0.7AI score0.15275EPSS
Exploits1References1
OSV
OSV
added 2015/05/13 12:0 a.m.23 views

DSA-3259-1 qemu - security update

Bulletin has no description...

8.6CVSS7.2AI score0.15275EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/05/13 12:0 a.m.34 views

Debian DSA-3259-1 : qemu - security update (Venom)

Several vulnerabilities were discovered in the qemu virtualisation solution : - CVE-2014-9718 It was discovered that the IDE controller emulation is susceptible to denial of service. - CVE-2015-1779 Daniel P. Berrange discovered a denial of service vulnerability in the VNC web socket decoder. -...

8.6CVSS8AI score0.15275EPSS
Exploits1References12
CVE
CVE
added 2015/04/21 4:0 p.m.93 views

CVE-2014-9718

CVE-2014-9718 affects QEMU 1.0–2.1.3 (IDE: BMDMA and AHCI HBA). The vulnerability comes from multiple interpretations of a function return value in bmdma_prepare_buf/ahci_dma_prepare_buf, allowing a guest OS user to trigger host DoS via a PRDT with zero complete sectors, potentially causing memor...

4.9CVSS7AI score0.00407EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2015/04/21 12:0 a.m.29 views

CVE-2014-9718

The 1 BMDMA and 2 AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service memory consumption or infinite loop, and system crash via a PRDT with zero complete...

4.9CVSS6.8AI score0.00407EPSS
Exploits0References3
Rows per page
Query Builder