openSUSE Security Update : xen (openSUSE-2017-4)

This updates xen to version 4.5.5 to fix the following issues : - An unprivileged user in a guest could gain guest could escalate privilege to that of the guest kernel, if it had could invoke the instruction emulator. Only 64-bit x86 HVM guest were affected. Linux guest have not been vulnerable...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:3083-1)

This update for xen to version 4.5.5 fixes several issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as...

CVE-2016-7995

Memory leak in the ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of crafted buffer page select PG indexes...

CVE-2016-7995

Memory leak in the ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of crafted buffer page select PG indexes...

CVE-2016-7995

CVE-2016-7995 affects QEMU: a memory leak in ehci_process_itd (hw/usb/hcd-ehci.c) allows a local privileged user in the guest to cause a denial of service via memory consumption by crafting many PG indexes. CVSS shows 6.0 (3.1) with local access and high privileges required. Remediation evidenced...

CVE-2016-7995

Memory leak in the ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of crafted buffer page select PG indexes...

CVE-2016-7995

Memory leak in the ehciprocessitd function in hw/usb/hcd-ehci.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of crafted buffer page select PG indexes...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:2879-1)

This update for qemu to version 2.6.2 fixes the several issues. These security issues were fixed : - CVE-2016-7161: Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU aka Quick Emulator allowed attackers to execute arbitrary code on the QEMU host via a large...

Fedora 25 : 2:qemu (2016-3d3218ec41)

CVE-2016-7155: pvscsi: OOB read and infinite loop bz 1373463 - CVE-2016-7156: pvscsi: infinite loop when building SG list bz 1373480 - CVE-2016-7156: pvscsi: infinite loop when processing IO requests bz 1373480 - CVE-2016-7170: vmwarevga: OOB stack memory access bz 1374709 - CVE-2016-7157:...

Fedora Update for qemu FEDORA-2016-a56fb613a8

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : 2:qemu (2016-a56fb613a8)

CVE-2016-6351: scsi: esp: OOB write access in espdodma bz 1360600 - CVE-2016-6833: vmxnet3: use-after-free bz 1368982 - CVE-2016-6490: virtio: infinite loop in virtqueuepop bz 1361428 - CVE-2016-7156: pvscsi: infinite loop when building SG list bz 1373480 - CVE-2016-7170: vmwarevga: OOB stack...