21 matches found
SUSE CVE-2017-15268
Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c...
SUSE: Security Advisory (SUSE-SU-2017:2924-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
qemu security update
15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...
qemu security update
15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...
[SECURITY] [DSA 4213-1] qemu security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4213-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 29, 2018 https://www.debian.org/security/faq -...
Oracle Linux 7 : qemu-kvm (ELSA-2018-0816)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-0816 advisory. - Resolves: bz1518711 CVE-2017-15268 qemu-kvm: Qemu: I/O: potential memory exhaustion via websock connection to VNC rhel-7.5 - Resolves: bz1527405...
RHEL 7 : qemu-kvm-rhev (RHSA-2018:1104)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:1104 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...
qemu-kvm security, bug fix, and enhancement update
1.5.3-156.el7 - kvm-vnc-Fix-qemu-crashed-when-vnc-client-disconnect-sudd.patch bz1527405 - kvm-fix-full-frame-updates-for-VNC-clients.patch bz1527405 - kvm-vnc-update-fix.patch bz1527405 - kvm-vnc-return-directly-if-no-vnc-client-connected.patch bz1527405 - kvm-buffer-add-buffermoveempty.patch...
RHEL 7 : qemu-kvm (RHSA-2018:0816)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0816 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...
Low: Red Hat Security Advisory: qemu-kvm security, bug fix, and enhancement update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Ubuntu: Security Advisory (USN-3575-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3575-2: QEMU regression
USN-3575-1 fixed vulnerabilities in QEMU. The fix for CVE-2017-11334 caused a regression in Xen environments. This update removes the problematic fix pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that QEMU incorrectly handled guest...
USN-3575-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2017-11334 David Buchanan discovered that QEMU...
Fedora 27 : 2:qemu (2017-8db9c497f9)
Fix ppc64 KVM failure bz 1501936 - CVE-2017-15038: 9p: information disclosure when reading extended attributes bz 1499111 - CVE-2017-15268: potential memory exhaustion via websock connection to VNC bz 1496882 ---- qemu-pr-helper didn't work due to a change in the libmultipath/libmpathpersist APIs...
Security update for qemu (important)
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in Leap 15.0. These security issues were fixed: - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read...
openSUSE Security Update : qemu (openSUSE-2017-1248)
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in Leap 15.0. These security issues were fixed : - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2936-1)
This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c bsc1062942. - CVE-2017-9524: The qemu-nbd server when built with th...
openSUSE: Security Advisory for qemu (openSUSE-SU-2017:2938-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2017-15268
A memory leakage issue was found in the I/O channels websockets implementation of the Quick Emulator QEMU. It could occur while sending screen updates to a client, which is slow to read and process them further. A privileged guest user could use this flaw to cause a denial of service on the host...
DEBIAN-CVE-2017-15268
Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c...