29 matches found
SUSE: Security Advisory (SUSE-SU-2016:0658-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0010-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0020-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0021-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in Qemu-kvm affect IBM SmartCloud Entry
Summary IBM SmartCloud Entry is vulnerable to Qemu-kvm vulnerabilities. Attackers could overflow a buffer and execute arbitrary code on the system or cause the application to crash, or could exploit these vulnerabilities to gain elevated privileges on the host system or cause a denial of service,...
openSUSE Security Update : xen (openSUSE-2016-439)
xen was updated to version 4.4.4 to fix 33 security issues. These security issues were fixed : - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling bsc967012. - CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463. - CVE-2016-2270: Xen...
openSUSE: Security Advisory for xen (openSUSE-SU-2016:0995-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for xen (important)
xen was updated to version 4.4.4 to fix 33 security issues. These security issues were fixed: - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling bsc967012. - CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463. - CVE-2016-2270: Xen allow...
SUSE SLES10 Security Update : Xen (SUSE-SU-2016:0658-1)
Xen was updated to fix the following vulnerabilities : CVE-2014-0222: Qcow1 L2 table size integer overflows bsc877642 CVE-2015-4037: Insecure temporary file use in /net/slirp.c bsc932267 CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463 CVE-2015-7504: Heap buffer...
Fedora 23 : xen-4.5.2-5.fc23 (2015-12a089920e)
eepro100: Prevent two endless loops CVE-2015-8345, pcnet: fix rx buffer overflow CVE-2015-7512, ui: vnc: avoid floating point exception CVE-2015-8504, additional patch for XSA-158, CVE-2015-8338 long running memory operations on ARM XSA-158, CVE-2015-8338 XENMEMexchange error handling issues...
openSUSE: Security Advisory for qemu (openSUSE-SU-2016:0536-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-3471-1 : qemu - security update
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. - CVE-2015-7504 Qinghao...
[SECURITY] [DSA 3471-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3471-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3469-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3469-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3471-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...
Mageia: Security Advisory (MGASA-2016-0023)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated qemu packages fix security vulnerabilities
A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host QEMU process resulting in denial of...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:0021-1)
This update fixes the following security issues : - Enforce receive packet size, thus eliminating buffer overflow and potential security issue. bsc957162 CVE-2015-7512 - Infinite loop in processing command block list. CVE-2015-8345 bsc956829 : Also a non-security bug fixed : - Fix cases of wrong...
SUSE SLED11 / SLES11 Security Update : kvm (SUSE-SU-2016:0020-1)
This update for kvm fixes the following issues : Security issues fixed : - CVE-2015-7512: The receive packet size is now checked in the emulated pcnet driver, eliminating buffer overflow and potential security issue by malicious guest systems. bsc957162 - CVE-2015-8345: A infinite loop in...
CVE-2015-7512
Buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service guest OS crash or execute arbitrary code via a large packet...