SUSE: Security Advisory (SUSE-SU-2016:2589-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1497-1] qemu security update

Package : qemu Version : 1:2.1+dfsg-12+deb8u7 CVE ID : CVE-2015-8666 CVE-2016-2198 CVE-2016-6833 CVE-2016-6835 CVE-2016-8576 CVE-2016-8667 CVE-2016-8669 CVE-2016-9602 CVE-2016-9603 CVE-2016-9776 CVE-2016-9907 CVE-2016-9911 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 CVE-2016-9921 CVE-2016-9922...

CVE-2016-6833

Use-after-free vulnerability in the vmxnet3iobar0write function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service QEMU instance crash by leveraging failure to check if the device is active...

CVE-2016-6833

CVE-2016-6833 affects QEMU: a use-after-free in vmxnet3_io_bar0_write within hw/net/vmxnet3.c can be exploited by a local privileged guest to crash the QEMU process (DoS). Public docs confirm the issue, with multiple vendors releasing fixes (Debian/Ubuntu/SUSE advisories and IBM PowerKVM bulletin...

CVE-2016-6833

Use-after-free vulnerability in the vmxnet3iobar0write function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service QEMU instance crash by leveraging failure to check if the device is active...

Fedora Update for qemu FEDORA-2016-a56fb613a8

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3125-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3125-1 advisory. Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause...

USN-3125-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. CVE-2016-5403 Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card...

Fedora 24 : 2:qemu (2016-a56fb613a8)

CVE-2016-6351: scsi: esp: OOB write access in espdodma bz 1360600 - CVE-2016-6833: vmxnet3: use-after-free bz 1368982 - CVE-2016-6490: virtio: infinite loop in virtqueuepop bz 1361428 - CVE-2016-7156: pvscsi: infinite loop when building SG list bz 1373480 - CVE-2016-7170: vmwarevga: OOB stack...

SUSE SLES11 Security Update : xen (SUSE-SU-2016:2507-1) (Bunker Buster)

This update for xen fixes several issues. These security issues were fixed : - CVE-2016-7092: The getpagefroml3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables bsc995785 - CVE-2016-7093: Xe...

openSUSE Security Update : xen (openSUSE-2016-1170) (Bunker Buster)

This update for xen fixes the following issues : These security issues were fixed : - CVE-2016-7092: The getpagefroml3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables bsc995785 -...

UBUNTU-CVE-2016-6833

Use-after-free vulnerability in the vmxnet3iobar0write function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service QEMU instance crash by leveraging failure to check if the device is active...