28 matches found
Debian: Security Advisory (DLA-573-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-574-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2016-4439
The espregwrite function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash or potentially execute arbitrary code o...
SUSE: Security Advisory (SUSE-SU-2016:2100-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2528-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1703-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : xen (SUSE-SU-2016:2528-1) (Bunker Buster)
This update for xen fixes several issues. These security issues were fixed : - CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update bsc995792 - CVE-2016-7092: The getpagefroml3e...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1698-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
SUSE SLES11 Security Update : kvm (SUSE-SU-2016:1785-1)
kvm was updated to fix 33 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-3710: Fixed VGA emulation based OOB access with potential for guest escape bsc9781...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU regression (USN-3047-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3047-2 advisory. USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memor...
USN-3047-2: QEMU regression
USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize fo...
Ubuntu: Security Advisory (USN-3047-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3047-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3047-1 advisory. Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this...
USN-3047-1: QEMU vulnerabilities
Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is...
[SECURITY] [DLA 573-1] qemu security update
Package : qemu Version : 1.1.2+dfsg-6+deb7u14 CVE ID : CVE-2015-5239 CVE-2016-2857 CVE-2016-4020 CVE-2016-4439 CVE-2016-5403 CVE-2016-6351 Multiple vulnerabilities have been discovered in QEMU, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following...
Fedora 22 : xen (2016-4edd58a3b5)
cleaner way to set kernel module load list Unrestricted qemu logging XSA-180, CVE-2014-3672 1339125 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in espregwrite CVE-2016-4439 1337502 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in getcmd CVE-2016-4441 1337505 Qemu: scsi: megasa...
Fedora 24 : xen (2016-cfea37952b)
cleaner way to set kernel module load list Unrestricted qemu logging XSA-180, CVE-2014-3672 1339125 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in espregwrite CVE-2016-4439 1337502 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in getcmd CVE-2016-4441 1337505 Qemu: scsi: megasa...
Fedora 23 : xen (2016-8d3fe9914b)
cleaner way to set kernel module load list Unrestricted qemu logging XSA-180, CVE-2014-3672 1339125 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in espregwrite CVE-2016-4439 1337502 Qemu: scsi: esp: OOB write while writing to 's-cmdbuf' in getcmd CVE-2016-4441 1337505 Qemu: scsi: megasa...
Fedora 23 : 2:qemu (2016-07eca37ea0)
CVE-2016-4020: memory leak in kvmvapic.c bz 1326904 - CVE-2016-4439: scsi: esb: OOB write 1 bz 1337503 - CVE-2016-4441: scsi: esb: OOB write 2 bz 1337506 - Fix regression installing windows 7 with qxl/vga bz 1339267 Note that Tenable Network Security has extracted the preceding description block...
Fedora 22 : 2:qemu (2016-d3a56228f5)
CVE-2016-4020: memory leak in kvmvapic.c bz 1326904 - CVE-2016-4439: scsi: esb: OOB write 1 bz 1337503 - CVE-2016-4441: scsi: esb: OOB write 2 bz 1337506 - Fix regression installing windows 7 with qxl/vga bz 1339267 Note that Tenable Network Security has extracted the preceding description block...