SUSE: Security Advisory (SUSE-SU-2016:3044-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3174-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3273-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3083-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3156-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3067-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:0127-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-2431)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3261-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3261-1 advisory. Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU ...

CVE-2016-9381

CVE-2016-9381 describes a race condition in QEMU when used with Xen, where a local x86 HVM guest administrator could gain privileges by altering data on shared rings (the so‑called “double fetch” issue). The provided documents confirm this vulnerability and list Xen/shared-ring handling as the ro...

Fedora 25 : 2:qemu (2017-b953d4d3a4)

CVE-2016-6836: vmxnet: Information leakage in vmxnet3completepacket bz 1366370 - CVE-2016-7909: pcnet: Infinite loop in pcnetrdraaddr bz 1381196 - CVE-2016-7994: virtio-gpu: memory leak in resourcecreate2d bz 1382667 - CVE-2016-8577: 9pfs: host memory leakage in v9fsread bz 1383286 -...

CVE-2016-9381

Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability...

Security update for qemu (important)

qemu was updated to fix several issues. These security issues were fixed: - CVE-2016-9102: Memory leak in the v9fsxattrcreate function in hw/9pfs/9p.c in allowed local guest OS administrators to cause a denial of service memory consumption and QEMU process crash via a large number of Txattrcreate...

openSUSE Security Update : xen (openSUSE-2017-4)

This updates xen to version 4.5.5 to fix the following issues : - An unprivileged user in a guest could gain guest could escalate privilege to that of the guest kernel, if it had could invoke the instruction emulator. Only 64-bit x86 HVM guest were affected. Linux guest have not been vulnerable...

SUSE-SU-2016:3174-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as unusable allowing a...

openSUSE Security Update : xen (openSUSE-2016-1477)

xen was updated to version 4.7.1 to fix 17 security issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652. - CVE-2016-9386: x86 null segments were not always treated as...

SUSE SLES12 Security Update : xen (SUSE-SU-2016:3156-1)

This update for xen fixes several issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as unusable allowing ...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:3083-1)

This update for xen to version 4.5.5 fixes several issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as...

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:3067-1)

xen was updated to version 4.7.1 to fix 17 security issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652. - CVE-2016-9386: x86 null segments were not always treated as...

Citrix XenServer Multiple Vulnerabilities (CTX218775)

The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the sniffnetware function within file tools/pygrub/src/pygrub when handling string quotes and S-expressions in the bootloader whenev...