Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2015-3214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pitioportread in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might...

6.9CVSS7.1AI score0.01594EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/09/06 12:0 a.m.54 views

RHEL 7 : qemu-kvm-rhev (RHSA-2015:1508)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1508 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provid...

7.2CVSS8.2AI score0.01594EPSS
Exploits1References6
Lenovo
Lenovo
added 2017/01/23 12:0 a.m.80 views

QEMU i8254 PIT Emulation Bug

Lenovo Security Advisory: LEN-2015-075 Potential Impact: Escalation of Privileges Severity: High Summary: A vulnerability was reported in QEMU where a local user on the guest system could potentially obtain elevated privileges on the target host system. This vulnerability was reported to Red Hat...

6.9CVSS6.6AI score0.01594EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.34 views

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)

kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...

9.8CVSS7.4AI score0.06336EPSS
Exploits3References103
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.48 views

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)

kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...

9.8CVSS7.4AI score0.06336EPSS
Exploits3References103
OpenVAS
OpenVAS
added 2015/11/08 12:0 a.m.30 views

Gentoo Security Advisory GLSA 201510-02

Gentoo Linux Local Security Checks GLSA 201510-02 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS6.5AI score0.09668EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/09/03 12:0 a.m.46 views

Debian DSA-3348-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2015-3214 Matt Tait of Google's Project Zero security team discovered a flaw in the QEMU i8254 PIT emulation. A privileged guest user in a guest with QEMU PIT emulation enabled could potentially use this flaw to...

9.3CVSS8.1AI score0.13288EPSS
Exploits2References20
Debian
Debian
added 2015/09/02 4:22 p.m.61 views

[SECURITY] [DSA 3348-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3348-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 02, 2015 https://www.debian.org/security/faq -...

9.3CVSS8.2AI score0.13288EPSS
Exploits2
OpenVAS
OpenVAS
added 2015/09/02 12:0 a.m.37 views

Debian Security Advisory DSA 3348-1 (qemu - security update)

Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2015-3214 Matt Tait of Google OpenVAS Vulnerability Test $Id: deb3348.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3348-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks...

7.2CVSS0.6AI score0.13288EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2015/09/02 12:0 a.m.52 views

Fedora Update for qemu FEDORA-2015-13404

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7AI score0.13288EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/09/01 12:0 a.m.39 views

Debian: Security Advisory (DSA-3348-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.8AI score0.13288EPSS
Exploits2References3
OSV
OSV
added 2015/08/31 10:59 a.m.7 views

CVE-2015-3214

The pitioportread in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index...

7.8AI score
Exploits0References24
Cvelist
Cvelist
added 2015/08/31 10:0 a.m.30 views

CVE-2015-3214

The pitioportread in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an invalid index...

6.2AI score0.01594EPSS
Exploits1References17
CVE
CVE
added 2015/08/31 10:0 a.m.185 views

CVE-2015-3214

CVE-2015-3214 affects QEMU prior to 2.3.1 (pit_ioport_read in i8254.c) and Linux kernel prior to 2.6.33. The flaw does not distinguish between read and write lengths, potentially allowing a privileged guest user (with PIT emulation enabled) to trigger an invalid index and cause arbitrary host cod...

6.9CVSS6.1AI score0.01594EPSS
Exploits1References17Affected Software2
Tenable Nessus
Tenable Nessus
added 2015/08/24 12:0 a.m.34 views

Fedora 23 : qemu-2.4.0-1.fc23 (2015-13358)

Rebased to version 2.4.0 Support for virtio-gpu, 2D only Support for virtio-based keyboard/mouse/tablet emulation x86 support for memory hot-unplug - ACPI v5.1 table support for 'virt' board CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path bz 1230536 CVE-2015-3214: i8254: out-of-...

9.3CVSS7.2AI score0.13288EPSS
Exploits2References15
OpenVAS
OpenVAS
added 2015/08/20 12:0 a.m.49 views

Fedora Update for qemu FEDORA-2015-13402

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.3AI score0.15275EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2015/08/18 12:0 a.m.35 views

Fedora 22 : qemu-2.3.1-1.fc22 (2015-13402)

Rebased to version 2.3.1 - Fix crash in qemuspicecreatedisplay bz 1163047 - Fix qemu-img map crash for unaligned image bz 1229394 - CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path bz 1230536 - CVE-2015-3214: i8254: out-of-bounds memory access bz 1243728 - CVE-2015-5158: scsi...

9.3CVSS7.2AI score0.13288EPSS
Exploits2References15
F5 Networks
F5 Networks
added 2015/08/03 12:0 a.m.51 views

SOL17057 - QEMU vulnerabilities CVE-2015-3214, CVE-2015-5154, and CVE-2015-5158

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

7.2CVSS0.5AI score0.01594EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2015/08/03 12:0 a.m.37 views

RedHat Update for qemu-kvm RHSA-2015:1507-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS6.6AI score0.01594EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/07/29 12:0 a.m.31 views

Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2692-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2692-1 advisory. Matt Tait discovered that QEMU incorrectly handled PIT emulation. In a non-default configuration, a malicious guest could use this issue to cause a denia...

7.2CVSS7.4AI score0.01594EPSS
Exploits1References4
Rows per page
Query Builder