Debian: Security Advisory (DLA-653-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-652-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3273-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2902-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3044-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2988-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2936-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : xen (SUSE-SU-2016:3156-1)

This update for xen fixes several issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as unusable allowing ...

openSUSE Security Update : qemu (openSUSE-2016-1451)

This update for qemu fixes the following issues : - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP1 - Change package post script udevadm trigger calls to be device specific bsc1002116 - Address various security/stability issues - Fix OOB access in...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:3083-1)

This update for xen to version 4.5.5 fixes several issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:3067-1)

xen was updated to version 4.7.1 to fix 17 security issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652. - CVE-2016-9386: x86 null segments were not always treated as...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:2988-1)

This update for qemu fixes the following issues : - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP1 - Change package post script udevadm trigger calls to be device specific bsc1002116 - Address various security/stability issues - Fix OOB access in...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:2879-1)

This update for qemu to version 2.6.2 fixes the several issues. These security issues were fixed : - CVE-2016-7161: Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU aka Quick Emulator allowed attackers to execute arbitrary code on the QEMU host via a large...

Fedora 25 : 2:qemu (2016-3d3218ec41)

CVE-2016-7155: pvscsi: OOB read and infinite loop bz 1373463 - CVE-2016-7156: pvscsi: infinite loop when building SG list bz 1373480 - CVE-2016-7156: pvscsi: infinite loop when processing IO requests bz 1373480 - CVE-2016-7170: vmwarevga: OOB stack memory access bz 1374709 - CVE-2016-7157:...

Fedora Update for qemu FEDORA-2016-a56fb613a8

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : 2:qemu (2016-a56fb613a8)

CVE-2016-6351: scsi: esp: OOB write access in espdodma bz 1360600 - CVE-2016-6833: vmxnet3: use-after-free bz 1368982 - CVE-2016-6490: virtio: infinite loop in virtqueuepop bz 1361428 - CVE-2016-7156: pvscsi: infinite loop when building SG list bz 1373480 - CVE-2016-7170: vmwarevga: OOB stack...

Debian DLA-653-1 : qemu-kvm security update

Multiple vulnerabilities have been found in qemu-kvm : CVE-2016-7161 Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in qemu-kvm allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet. CVE-2016-7170 The vmsvgafiforun function in...

[SECURITY] [DLA 653-1] qemu-kvm security update

Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u16 CVE ID : CVE-2016-7161 CVE-2016-7170 CVE-2016-7908 Multiple vulnerabilities have been found in qemu-kvm: CVE-2016-7161 Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in qemu-kvm allows attackers to execute arbitrary...

CVE-2016-7908

The mcffecdotx function in hw/net/mcffec.c in QEMU aka Quick Emulator does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via vectors involving a buffer descript...

CVE-2016-7908

CVE-2016-7908 refers to a DoS in QEMU where the mcf_fec_do_tx path does not properly cap the buffer descriptor count during transmit. A local guest administrator can trigger an infinite loop and QEMU process crash by crafting a 0-length BD with specific bd.flags values. Public listings (Debian se...