Lucene search
K

9 matches found

OSV
OSV
added 2016/04/12 1:59 a.m.6 views

CVE-2015-5158

Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAPSYSRAWIO permissions to cause a denial of service instance crash via an invalid opcode in a SCSI command descriptor block...

5.5CVSS7AI score
Exploits0References5
CVE
CVE
added 2016/04/08 4:0 p.m.75 views

CVE-2015-5158

CVE-2015-5158 : A stack-based buffer overflow in QEMU’s SCSI device emulation, specifically in hw/scsi/scsi-bus.c, can be triggered by an invalid SCSI CMD in a SCSI COMMAND DESCRIPTOR BLOCK when run with CAP_SYS_RAWIO, leading to a guest-host crash (denial of service). The initial description con...

5.5CVSS5.7AI score0.00434EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2016/04/08 4:0 p.m.31 views

CVE-2015-5158

Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAPSYSRAWIO permissions to cause a denial of service instance crash via an invalid opcode in a SCSI command descriptor block...

5.5CVSS6.7AI score0.00434EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/01/04 12:0 a.m.37 views

FreeBSD : qemu -- stack buffer overflow while parsing SCSI commands (a267cd6c-b0c4-11e5-8d13-bc5ff45d0f28)

Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the SCSI device emulation support is vulnerable to a stack-based buffer overflow issue. It could occur while parsing SCSI command descriptor block with an invalid operation code. A privilegedCAPSYSRAWIO user inside...

5.5CVSS7.1AI score0.00434EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/11/08 12:0 a.m.30 views

Gentoo Security Advisory GLSA 201510-02

Gentoo Linux Local Security Checks GLSA 201510-02 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS6.5AI score0.09668EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2015/08/24 12:0 a.m.34 views

Fedora 23 : qemu-2.4.0-1.fc23 (2015-13358)

Rebased to version 2.4.0 Support for virtio-gpu, 2D only Support for virtio-based keyboard/mouse/tablet emulation x86 support for memory hot-unplug - ACPI v5.1 table support for 'virt' board CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path bz 1230536 CVE-2015-3214: i8254: out-of-...

9.3CVSS7.2AI score0.13288EPSS
Exploits2References15
OpenVAS
OpenVAS
added 2015/08/20 12:0 a.m.49 views

Fedora Update for qemu FEDORA-2015-13402

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS7.3AI score0.15275EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2015/08/18 12:0 a.m.35 views

Fedora 22 : qemu-2.3.1-1.fc22 (2015-13402)

Rebased to version 2.3.1 - Fix crash in qemuspicecreatedisplay bz 1163047 - Fix qemu-img map crash for unaligned image bz 1229394 - CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path bz 1230536 - CVE-2015-3214: i8254: out-of-bounds memory access bz 1243728 - CVE-2015-5158: scsi...

9.3CVSS7.2AI score0.13288EPSS
Exploits2References15
Tenable Nessus
Tenable Nessus
added 2015/07/29 12:0 a.m.31 views

Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2692-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2692-1 advisory. Matt Tait discovered that QEMU incorrectly handled PIT emulation. In a non-default configuration, a malicious guest could use this issue to cause a denia...

7.2CVSS7.4AI score0.01594EPSS
Exploits1References4
Rows per page
Query Builder