Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2015-8558

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via...

5.5CVSS6.5AI score0.00477EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2016:1703-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.06336EPSS
Exploits2References37
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.48 views

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)

kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...

9.8CVSS7.4AI score0.06336EPSS
Exploits3References103
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.34 views

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)

kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...

9.8CVSS7.4AI score0.06336EPSS
Exploits3References103
Tenable Nessus
Tenable Nessus
added 2016/07/08 12:0 a.m.38 views

openSUSE Security Update : qemu (openSUSE-2016-839)

qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

9.8CVSS6.5AI score0.06336EPSS
Exploits2References66
OSV
OSV
added 2016/05/23 7:59 p.m.3 views

CVE-2015-8558

The ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular isochronous transfer descriptor iTD list...

5.5CVSS6.4AI score
Exploits0References15
Cvelist
Cvelist
added 2016/05/23 7:0 p.m.27 views

CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

7AI score0.00443EPSS
Exploits0References11
CVE
CVE
added 2016/05/23 7:0 p.m.101 views

CVE-2016-4037

CVE-2016-4037 affects QEMU, specifically the USB EHCI emulation (ehci_advance_state in hw/usb/hcd-ehci.c). It enables a local privileged guest OS user to cause a denial of service via a circular split isochronous transfer descriptor list (siTD), an issue related to CVE-2015-8558. The description ...

6CVSS6.7AI score0.00443EPSS
Exploits0References11Affected Software1
CVE
CVE
added 2016/05/23 7:0 p.m.116 views

CVE-2015-8558

CVE-2015-8558 is a QEMU USB EHCI emulation flaw in ehci_process_itd that can cause an infinite loop and CPU DoS when a circular iTD list is processed. A privileged guest user could exploit this locally. Debian security advisory DSA-3471-1 notes a fix in qemu for Jessie: upgrade to 1:2.1+dfsg-12+d...

5.5CVSS6.4AI score0.00477EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2016/05/23 7:0 p.m.48 views

CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

6CVSS7AI score0.00443EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.58 views

Fedora 22 : xen-4.5.2-7.fc22 (2016-e1784417af)

PV superpage functionality missing sanity checks XSA-167, CVE-2016-1570 VMX: intercept issue with INVLPG on non-canonical address XSA-168, CVE-2016-1571 Qemu: pci: NULL pointer dereference issue CVE-2015-7549 qemu: DoS by infinite loop in ehciadvancestate CVE-2015-8558 qemu: Heap-based buffer...

8.5CVSS7AI score0.05557EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2016/02/09 12:0 a.m.54 views

Debian DSA-3471-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. - CVE-2015-7504 Qinghao...

9CVSS7.7AI score0.0773EPSS
Exploits4References56
Debian
Debian
added 2016/02/08 7:45 p.m.39 views

[SECURITY] [DSA 3471-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3471-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...

6.9CVSS0.9AI score0.0773EPSS
Exploits4
Debian
Debian
added 2016/02/08 7:45 p.m.46 views

[SECURITY] [DSA 3469-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3469-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...

9CVSS9AI score0.0773EPSS
Exploits1
OpenVAS
OpenVAS
added 2016/02/08 12:0 a.m.46 views

Debian Security Advisory DSA 3471-1 (qemu - security update)

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...

9.3CVSS1AI score0.0773EPSS
Exploits4References1
OpenVAS
OpenVAS
added 2016/02/05 12:0 a.m.43 views

Fedora Update for xen FEDORA-2016-2

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.2AI score0.05557EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.111 views

openSUSE Security Update : xen (openSUSE-2016-34)

This update for xen fixes the following security issues : - CVE-2015-8550: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: qemu: usb: infinite loop in ehciadvancestate results in DoS boo959006 - CVE-2015-7549: qemu pci: NULL pointer dereference...

10CVSS6.8AI score0.03115EPSS
Exploits3References31
OpenVAS
OpenVAS
added 2016/01/18 12:0 a.m.40 views

Mageia: Security Advisory (MGASA-2016-0023)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.6AI score0.0773EPSS
Exploits3References3
Mageia
Mageia
added 2016/01/17 12:26 a.m.54 views

Updated qemu packages fix security vulnerabilities

A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host QEMU process resulting in denial of...

9CVSS8.4AI score0.0773EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2016/01/15 12:0 a.m.46 views

openSUSE: Security Advisory for xen (openSUSE-SU-2016:0124-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.4AI score0.03115EPSS
Exploits1References1
Rows per page
Query Builder