26 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-5278
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ne2000receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service infinite loop and instance crash or possibly...
SUSE: Security Advisory (SUSE-SU-2016:1445-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1647)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430)
According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code.CVE-2020-8608 -...
CVE-2015-5278
The CVE-2015-5278 entry concerns QEMU’s ne2000_receive() in hw/net/ne2000.c, where an attacker could trigger an infinite loop and crash the QEMU instance, potentially enabling arbitrary code execution via crafted network packets. Public sources in the CVE context confirm the vulnerability exists ...
Security Bulletin: Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
Summary Multiple vulnerabilities in qemu-kvm affect IBM SmartCloud Provisioning V2.1 for IBM Software Virtual Appliance. Please note product software support discontinuance as per IBM Withdrawal Announcement 916-016. For withdrawal announcement information details see the Reference section below...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
SUSE SLES10 Security Update : Xen (SUSE-SU-2016:1445-1)
Xen was updated to fix the following security issues : CVE-2016-2841: net: ne2000: infinite loop in ne2000receive bsc969351 CVE-2016-2391: usb: multiple eoftimers in ohci module leads to NULL pointer dereference bsc967101 CVE-2016-2270: x86: inconsistent cachability flags on guest mappings XSA-15...
openSUSE Security Update : xen (openSUSE-2016-439)
xen was updated to version 4.4.4 to fix 33 security issues. These security issues were fixed : - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling bsc967012. - CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463. - CVE-2016-2270: Xen...
openSUSE: Security Advisory for xen (openSUSE-SU-2016:0995-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for xen (important)
xen was updated to version 4.4.4 to fix 33 security issues. These security issues were fixed: - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling bsc967012. - CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463. - CVE-2016-2270: Xen allow...
SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2016:0955-1)
xen was updated to fix 47 security issues. These security issues were fixed : - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers bnc864673. - CVE-2013-4529: Buffer overflow in hw/pci/pcieaer...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2015:1782-1)
qemu was updated to fix several security issues and bugs. The following vulnerabilities were fixed : - CVE-2015-5154: Heap-based buffer overflow in the IDE subsystem in QEMU, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecifi...
Mageia: Security Advisory (MGASA-2015-0397)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated qemu packages fixes security vulnerabilities
Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service QEMU process crash. CVE-2015-5278 Qinghao Tang of QIHU 360 Inc. discovered a heap buffer overflow flaw in the NE2000 NIC emulation....
Fedora Update for qemu FEDORA-2015-16369
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : qemu-2.1.3-11.fc21 (2015-16368)
CVE-2015-6815: net: e1000: infinite loop issue bz 1260225 CVE-2015-6855: ide: divide by zero issue bz 1261793 CVE-2015-5278: Infinite loop in ne2000receive bz 1263284 CVE-2015-5279: Heap overflow vulnerability in ne2000receive bz 1263287 Make block copy more stable bz 1264416 Fix hang at start of...
[USN-2745-1] QEMU vulnerabilities
========================================================================== Ubuntu Security Notice USN-2745-1 September 24, 2015 qemu, qemu-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...
Ubuntu: Security Advisory (USN-2745-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...