11 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-2198
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QEMU aka Quick Emulator built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts ...
[SECURITY] [DLA 1497-1] qemu security update
Package : qemu Version : 1:2.1+dfsg-12+deb8u7 CVE ID : CVE-2015-8666 CVE-2016-2198 CVE-2016-6833 CVE-2016-6835 CVE-2016-8576 CVE-2016-8667 CVE-2016-8669 CVE-2016-9602 CVE-2016-9603 CVE-2016-9776 CVE-2016-9907 CVE-2016-9911 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 CVE-2016-9921 CVE-2016-9922...
CVE-2016-2198
CVE-2016-2198 affects QEMU when built with USB EHCI emulation. The root cause is a null pointer dereference in ehci_caps_write during writes to EHCI capability registers, which could be triggered by a privileged user inside the guest and may crash the QEMU process, causing a DoS. Technical detail...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
Fedora 23 : 2:qemu (2016-f2b1f07256)
CVE-2016-3710: incorrect bounds checking in vga bz 1334345 - CVE-2016-3712: out of bounds read in vga bz 1334342 - Fix USB redirection bz 1330221 - CVE-2016-4037: infinite loop in usb ehci bz 1328080 - CVE-2016-4001: buffer overflow in stellaris net bz 1325885 - CVE-2016-2858: rng stack...
Fedora 22 : 2:qemu (2016-a3298e39f7)
CVE-2016-3710: incorrect bounds checking in vga bz 1334345 - CVE-2016-3712: out of bounds read in vga bz 1334342 - Fix USB redirection bz 1330221 - CVE-2016-4037: infinite loop in usb ehci bz 1328080 - CVE-2016-4001: buffer overflow in stellaris net bz 1325885 - CVE-2016-2858: rng stack...
openSUSE Security Update : xen (openSUSE-2016-439)
xen was updated to version 4.4.4 to fix 33 security issues. These security issues were fixed : - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling bsc967012. - CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463. - CVE-2016-2270: Xen...
Security update for xen (important)
xen was updated to version 4.4.4 to fix 33 security issues. These security issues were fixed: - CVE-2016-2392: NULL pointer dereference in remote NDIS control message handling bsc967012. - CVE-2015-5239: Integer overflow in vncclientread and protocolclientmsg bsc944463. - CVE-2016-2270: Xen allow...
GLSA-201604-01 : QEMU: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201604-01 QEMU: Multiple vulnerabilities Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : Local users within a guest QEMU environment can execute...
Fedora 23 : xen-4.5.2-9.fc23 (2016-f4504e9445)
Qemu: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714 1296080 Qemu: i386: NULL pointer dereference in vapicwrite CVE-2016-1922 1292767 qemu: Stack-based buffer overflow in megasasctrlgetinfo CVE-2015-8613 1293305 qemu-kvm: Infinite loop and out-of-bounds transfer start i...