10 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-6836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vmxnet3completepacket function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to obtain sensitive host memory informati...
SUSE: Security Advisory (SUSE-SU-2016:2589-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : 2:qemu (2017-b953d4d3a4)
CVE-2016-6836: vmxnet: Information leakage in vmxnet3completepacket bz 1366370 - CVE-2016-7909: pcnet: Infinite loop in pcnetrdraaddr bz 1381196 - CVE-2016-7994: virtio-gpu: memory leak in resourcecreate2d bz 1382667 - CVE-2016-8577: 9pfs: host memory leakage in v9fsread bz 1383286 -...
CVE-2016-6836
The vmxnet3completepacket function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcqdescr object...
CVE-2016-6836
CVE-2016-6836 : In QEMU, the vmxnet3_complete_packet path (hw/net/vmxnet3.c) allows local guest OS admins to obtain sensitive host memory information by exploiting failure to initialize the txcq_descr object, enabling information leakage. The IBM PowerKVM bulletin notes this vulnerability and sta...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3125-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3125-1 advisory. Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause...
SUSE SLES11 Security Update : xen (SUSE-SU-2016:2507-1) (Bunker Buster)
This update for xen fixes several issues. These security issues were fixed : - CVE-2016-7092: The getpagefroml3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables bsc995785 - CVE-2016-7093: Xe...
openSUSE: Security Advisory for xen (openSUSE-SU-2016:2497-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for xen (openSUSE-SU-2016:2494-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : xen (openSUSE-2016-1170) (Bunker Buster)
This update for xen fixes the following issues : These security issues were fixed : - CVE-2016-7092: The getpagefroml3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables bsc995785 -...