21 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-5745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the sendcontrolmsg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service QEMU process...
SUSE: Security Advisory (SUSE-SU-2016:1703-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1647)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430)
According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code.CVE-2020-8608 -...
CVE-2015-5745
CVE-2015-5745: A buffer overflow in QEMU’s virtio-serial device (send_control_msg in hw/char/virtio-serial-bus.c) allows a crafted virtio control message from a guest to crash the QEMU process. Affects QEMU before 2.4.0. Multiple sources (Debian DSA-3349-1; Gentoo GLSA 201602-01; Arista advisory)...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
openSUSE Security Update : qemu (openSUSE-2016-839)
qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...
Debian DSA-3348-1 : qemu - security update
Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2015-3214 Matt Tait of Google's Project Zero security team discovered a flaw in the QEMU i8254 PIT emulation. A privileged guest user in a guest with QEMU PIT emulation enabled could potentially use this flaw to...
Debian DSA-3349-1 : qemu-kvm - security update
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2015-5165 Donghai Zhu discovered that the QEMU model of the RTL8139 network card did not sufficiently validate inputs in the C+ mode offload emulation, allowing a malicious guest to read...
[SECURITY] [DSA 3348-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3348-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 02, 2015 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3349-1 (qemu-kvm - security update)
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2015-5165 Donghai Zhu discovered that the QEMU model of the RTL8139 network card did not sufficiently validate inputs in the C+ mode offload emulation, allowing a malicious guest to read...
Debian Security Advisory DSA 3348-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a fast processor emulator. CVE-2015-3214 Matt Tait of Google OpenVAS Vulnerability Test $Id: deb3348.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3348-1 using nvtgen 1.0 Script version: 1.0 Author: Greenbone Networks...
Fedora Update for qemu FEDORA-2015-13404
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-3348-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2724-1] QEMU vulnerabilities
========================================================================== Ubuntu Security Notice USN-2724-1 August 27, 2015 qemu, qemu-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its...
USN-2724-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-9718 Donghai Zhu discovered that QEMU...
Fedora 23 : qemu-2.4.0-1.fc23 (2015-13358)
Rebased to version 2.4.0 Support for virtio-gpu, 2D only Support for virtio-based keyboard/mouse/tablet emulation x86 support for memory hot-unplug - ACPI v5.1 table support for 'virt' board CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path bz 1230536 CVE-2015-3214: i8254: out-of-...
Fedora Update for qemu FEDORA-2015-13402
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : qemu-2.3.1-1.fc22 (2015-13402)
Rebased to version 2.3.1 - Fix crash in qemuspicecreatedisplay bz 1163047 - Fix qemu-img map crash for unaligned image bz 1229394 - CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path bz 1230536 - CVE-2015-3214: i8254: out-of-bounds memory access bz 1243728 - CVE-2015-5158: scsi...