20 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-7295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to...
EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430)
According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code.CVE-2020-8608 -...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
Fedora 23 : xen-4.5.1-13.fc23 (2015-46b18ccdc3)
Qemu: net: virtio-net possible remote DoS CVE-2015-7295 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 21 : xen-4.4.3-6.fc21 (2015-d8510319c0)
Qemu: net: virtio-net possible remote DoS CVE-2015-7295 1264392 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...
Fedora 23 : qemu-2.4.0.1-1.fc23 (2015-ca9f0952f1)
Rebased to version 2.4.0.1 CVE-2015-7295: virtio-net possible remote DoS bz 1264393 drive-mirror: Fix coroutine reentrance bz 1266936 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...
Fedora 22 : xen-4.5.1-13.fc22 (2015-fca1900745)
Qemu: net: virtio-net possible remote DoS CVE-2015-7295, create a symbolic link so libvirt VMs from xen 4.0 to 4.4 can still find qemu-dm Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora 22 : qemu-2.3.1-7.fc22 (2015-d5c1048b47)
CVE-2015-7295: virtio-net possible remote DoS bz 1264393 drive-mirror: Fix coroutine reentrance bz 1266936 Fix udp socket 'localaddr' bz 1268708 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Debian DSA-3471-1 : qemu - security update
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. - CVE-2015-7504 Qinghao...
[SECURITY] [DSA 3471-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3471-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3469-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3469-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3469-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3469-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3471-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...
CVE-2015-7295
hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...
CVE-2015-7295
CVE-2015-7295 affects QEMU virtio-net (Virtual Network Device) where, if big or mergeable receive buffers are not supported, a remote attacker can cause a denial of service by flooding jumbo frames on tuntap or macvtap, exhausting guest network receive buffers. Affected product area: QEMU’s virti...
CVE-2015-7295
hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...
CVE-2015-7295
hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service guest network consumption via a flood of jumbo frames on the 1 tuntap or 2 macvtap interface...
Mageia: Security Advisory (MGASA-2015-0397)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated qemu packages fixes security vulnerabilities
Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service QEMU process crash. CVE-2015-5278 Qinghao Tang of QIHU 360 Inc. discovered a heap buffer overflow flaw in the NE2000 NIC emulation....