15 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-2858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - QEMU, when built with the Pseudo Random Number Generator PRNG back-end support, allows local guest OS users to cause a denial of service process crash via an...
SUSE: Security Advisory (SUSE-SU-2016:1703-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1367)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
Fedora 23 : 2:qemu (2016-f2b1f07256)
CVE-2016-3710: incorrect bounds checking in vga bz 1334345 - CVE-2016-3712: out of bounds read in vga bz 1334342 - Fix USB redirection bz 1330221 - CVE-2016-4037: infinite loop in usb ehci bz 1328080 - CVE-2016-4001: buffer overflow in stellaris net bz 1325885 - CVE-2016-2858: rng stack...
Fedora 22 : 2:qemu (2016-a3298e39f7)
CVE-2016-3710: incorrect bounds checking in vga bz 1334345 - CVE-2016-3712: out of bounds read in vga bz 1334342 - Fix USB redirection bz 1330221 - CVE-2016-4037: infinite loop in usb ehci bz 1328080 - CVE-2016-4001: buffer overflow in stellaris net bz 1325885 - CVE-2016-2858: rng stack...
openSUSE Security Update : qemu (openSUSE-2016-839)
qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...
openSUSE: Security Advisory for qemu (openSUSE-SU-2016:1750-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-2974-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2974-1 advisory. Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue t...
USN-2974-1: QEMU vulnerabilities
Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-2391 Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A...
CVE-2016-2858
QEMU, when built with the Pseudo Random Number Generator PRNG back-end support, allows local guest OS users to cause a denial of service process crash via an entropy request, which triggers arbitrary stack based allocation and memory corruption...
CVE-2016-2858
CVE-2016-2858 – QEMU PRNG back-end: Local guest OS users can trigger a denial of service by requesting entropy, causing arbitrary stack-based allocations and memory corruption. The issue is specific to builds with PRNG back-end support and results in a QEMU process crash. Connected documents conf...
GLSA-201604-01 : QEMU: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201604-01 QEMU: Multiple vulnerabilities Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact : Local users within a guest QEMU environment can execute...
Fedora 23 : xen-4.5.2-9.fc23 (2016-f4504e9445)
Qemu: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714 1296080 Qemu: i386: NULL pointer dereference in vapicwrite CVE-2016-1922 1292767 qemu: Stack-based buffer overflow in megasasctrlgetinfo CVE-2015-8613 1293305 qemu-kvm: Infinite loop and out-of-bounds transfer start i...