18 matches found
Debian: Security Advisory (DLA-573-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-574-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2100-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2725-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:3044-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for qemu FEDORA-2016-a56fb613a8
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : 2:qemu (2016-a56fb613a8)
CVE-2016-6351: scsi: esp: OOB write access in espdodma bz 1360600 - CVE-2016-6833: vmxnet3: use-after-free bz 1368982 - CVE-2016-6490: virtio: infinite loop in virtqueuepop bz 1361428 - CVE-2016-7156: pvscsi: infinite loop when building SG list bz 1373480 - CVE-2016-7170: vmwarevga: OOB stack...
openSUSE Security Update : xen (openSUSE-2016-1170) (Bunker Buster)
This update for xen fixes the following issues : These security issues were fixed : - CVE-2016-7092: The getpagefroml3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables bsc995785 -...
CVE-2016-6351
CVE-2016-6351 affects QEMU, specifically the ESP/NCR53C9x FSC emulation. The vulnerability is in esp_do_dma (hw/scsi/esp.c) and can let a local, privileged guest OS administrator perform an out-of-bounds write via DMA read into the ESP command buffer, potentially crashing QEMU or enabling arbitra...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU regression (USN-3047-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3047-2 advisory. USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memor...
USN-3047-2: QEMU regression
USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize fo...
Fedora 23 : xen (2016-0049aa6e5d) (Bunker Buster)
x86: Privilege escalation in PV guests XSA-182, CVE-2016-6258 x86: Missing SMAP whitelisting in 32-bit exception / event delivery XSA-183, CVE-2016-6259 virtio: unbounded memory allocation issue XSA-184, CVE-2016-5403 Qemu: scsi: esp: OOB write access in espdodma CVE-2016-6351 Note that Tenable...
Fedora Update for xen FEDORA-2016-0049aa6e5d
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 24 : xen (2016-01cc766201) (Bunker Buster)
x86: Privilege escalation in PV guests XSA-182, CVE-2016-6258 x86: Missing SMAP whitelisting in 32-bit exception / event delivery XSA-183, CVE-2016-6259 virtio: unbounded memory allocation issue XSA-184, CVE-2016-5403 Qemu: scsi: esp: OOB write access in espdodma CVE-2016-6351 Note that Tenable...
Ubuntu: Security Advisory (USN-3047-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3047-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3047-1 advisory. Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this...
[SECURITY] [DLA 573-1] qemu security update
Package : qemu Version : 1.1.2+dfsg-6+deb7u14 CVE ID : CVE-2015-5239 CVE-2016-2857 CVE-2016-4020 CVE-2016-4439 CVE-2016-5403 CVE-2016-6351 Multiple vulnerabilities have been discovered in QEMU, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following...
CVE-2016-6351
The espdodma function in hw/scsi/esp.c in QEMU aka Quick Emulator, when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash or execute arbitrary code on the QEMU host via vectors involvi...