Linux Distros Unpatched Vulnerability : CVE-2016-4454

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vmsvgafiforeadraw function in hw/display/vmwarevga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a...

SUSE: Security Advisory (SUSE-SU-2016:2628-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2781-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2093-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2589-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : qemu (SUSE-SU-2016:2781-1)

qemu was updated to fix 21 security issues. These security issues were fixed : - CVE-2014-5388: Off-by-one error in the pciread function in the ACPI PCI hotplug interface hw/acpi/pcihp.c in QEMU allowed local guest users to obtain sensitive information and have other unspecified impact related to...

openSUSE Security Update : qemu (openSUSE-2016-1234)

qemu was updated to fix 19 security issues. These security issues were fixed : - CVE-2016-2392: The isrndis function in the USB Net device emulator hw/usb/dev-network.c in QEMU did not properly validate USB configuration descriptor objects, which allowed local guest OS administrators to cause a...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:2589-1)

qemu was updated to fix 19 security issues. These security issues were fixed : - CVE-2016-2392: The isrndis function in the USB Net device emulator hw/usb/dev-network.c in QEMU did not properly validate USB configuration descriptor objects, which allowed local guest OS administrators to cause a...

SUSE SLES11 Security Update : kvm (SUSE-SU-2016:2628-1)

kvm was updated to fix 16 security issues. These security issues were fixed : - CVE-2015-6815: e1000 NIC emulation support was vulnerable to an infinite loop issue. A privileged user inside guest could have used this flaw to crash the Qemu instance resulting in DoS. bsc944697. - CVE-2016-2391: Th...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU regression (USN-3047-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3047-2 advisory. USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memor...

USN-3047-2: QEMU regression

USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize fo...

Ubuntu: Security Advisory (USN-3047-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3047-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3047-1 advisory. Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this...

Fedora Update for qemu FEDORA-2016-a80eab65ba

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-4454

The vmsvgafiforeadraw function in hw/display/vmwarevga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service QEMU process crash by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read...

CVE-2016-4454

CVE-2016-4454 affects QEMU’s vmsvga_fifo_read_raw path in hw/display/vmware_vga.c. The vulnerability arises when a local privileged guest changes FIFO registers and issues a VGA command, triggering an out-of-bounds read that can disclose host memory or cause a QEMU process crash. Public reference...