Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2015-8567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service memory consumption. CVE-2015-8567 Note that Nessus relies on the...

7.7CVSS7.5AI score0.05557EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2016:1703-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.06336EPSS
Exploits2References37
OSV
OSV
added 2017/04/13 5:59 p.m.8 views

CVE-2015-8567

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service memory consumption...

7.7CVSS7.8AI score
Exploits0References30
CVE
CVE
added 2017/04/13 5:0 p.m.124 views

CVE-2015-8567

CVE-2015-8567 describes a memory leak in the QEMU vmxnet3 device emulator (net/vmxnet3.c) that could allow a remote attacker to cause a denial of service via memory exhaustion. The vulnerability is part of multiple CVEs in QEMU; Debian security advisories report fixes in stable Jessie to version ...

7.7CVSS7.7AI score0.05557EPSS
Exploits1References18Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/07/08 12:0 a.m.38 views

openSUSE Security Update : qemu (openSUSE-2016-839)

qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

9.8CVSS6.5AI score0.06336EPSS
Exploits2References66
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.58 views

Fedora 22 : xen-4.5.2-7.fc22 (2016-e1784417af)

PV superpage functionality missing sanity checks XSA-167, CVE-2016-1570 VMX: intercept issue with INVLPG on non-canonical address XSA-168, CVE-2016-1571 Qemu: pci: NULL pointer dereference issue CVE-2015-7549 qemu: DoS by infinite loop in ehciadvancestate CVE-2015-8558 qemu: Heap-based buffer...

8.5CVSS7AI score0.05557EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.42 views

Fedora 22 : qemu-2.3.1-11.fc22 (2016-275e9ff483)

CVE-2015-8567: net: vmxnet3: host memory leakage bz 1289818 CVE-2016-1922: i386: avoid NULL pointer dereference bz 1292766 CVE-2015-8613: buffer overflow in megasasctrlgetinfo bz 1284008 CVE-2015-8743: ne2000: OOB memory access in ioport r/w functions bz 1294787 Note that Tenable Network Security...

7.7CVSS6.7AI score0.05557EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2016/02/09 12:0 a.m.54 views

Debian DSA-3471-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. - CVE-2015-7504 Qinghao...

9CVSS7.7AI score0.0773EPSS
Exploits4References56
Debian
Debian
added 2016/02/08 7:45 p.m.39 views

[SECURITY] [DSA 3471-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3471-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 08, 2016 https://www.debian.org/security/faq -...

6.9CVSS0.9AI score0.0773EPSS
Exploits4
OpenVAS
OpenVAS
added 2016/02/08 12:0 a.m.46 views

Debian Security Advisory DSA 3471-1 (qemu - security update)

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...

9.3CVSS1AI score0.0773EPSS
Exploits4References1
OpenVAS
OpenVAS
added 2016/02/05 12:0 a.m.43 views

Fedora Update for xen FEDORA-2016-2

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.2AI score0.05557EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.50 views

openSUSE Security Update : xen (openSUSE-2016-35)

This update for xen fixes the following security issues : - CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop i...

8.8CVSS7.1AI score0.05557EPSS
Exploits4References28
OpenVAS
OpenVAS
added 2016/01/18 12:0 a.m.40 views

Mageia: Security Advisory (MGASA-2016-0023)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS7.6AI score0.0773EPSS
Exploits3References3
Mageia
Mageia
added 2016/01/17 12:26 a.m.54 views

Updated qemu packages fix security vulnerabilities

A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host QEMU process resulting in denial of...

9CVSS8.4AI score0.0773EPSS
Exploits3References1
OPENSUSE Linux
OPENSUSE Linux
added 2016/01/14 10:19 p.m.48 views

Security update for xen (important)

This update for xen fixes the following issues: - CVE-2015-8567,CVE-2015-8568: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...

7.8CVSS0.4AI score0.05557EPSS
Exploits4References14
OPENSUSE Linux
OPENSUSE Linux
added 2016/01/14 10:13 p.m.43 views

Security update for xen (important)

This update for xen fixes the following security issues: - CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage boo959387 - CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents XSA-155, boo957988 - CVE-2015-8558: xen: qemu: usb: infinite loop in...

7.8CVSS0.4AI score0.05557EPSS
Exploits4References14
seebug.org
seebug.org
added 2016/01/09 12:0 a.m.85 views

qemu内存泄露漏洞(CVE-2015-8567)

No description provided by source. !/bin/bash 这可能是最简单的exp吧... 原理很简单,根据详情分析,发现重新启动网卡就会调用vmxnet3activatedevice 然后堆就不停的分配内存 直到进程漰溃 这是一段bash shell脚本 eth1是我这里虚拟机上的vmxnet3设备 从开始运行直到漰溃用了我一個午觉时间,大概40分钟 其实具体情况按照自己本机机器来定,时间长短不一 root权限执行 while true do ifconfig eth1 down && echo 'Down!' ifconfig eth1 up &&...

6.8CVSS7.7AI score0.05557EPSS
Exploits1
myhack58
myhack58
added 2016/01/02 12:0 a.m.28 views

3 6 0 Marvel Team virtualization vulnerabilities the fourth bomb: CVE-2 0 1 5-8 5 6 7 vulnerability analysis-vulnerability warning-the black bar safety net

2 0 1 5 years is“the cloud leap”year, is also a virtualization vulnerability really is people cognition, attention of a year, unwilling to“like the wind”3 6 0 Marvel Team take the initiative, with practical actions for cloud computing escort. As of today, we accumulated in kvm, xen, vmware platfo...

7.7AI score0.05557EPSS
Exploits1
Rows per page
Query Builder