Linux Distros Unpatched Vulnerability : CVE-2017-2633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory access issue was found in Quick Emulator QEMU before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC...

SUSE: Security Advisory (SUSE-SU-2017:1081-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0019-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:0039-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1080-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2969-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in qemu-kvm and libguestfs affect SmartCloud Entry (CVE-2016-9603 CVE-2017-2633 CVE-2017-7718 CVE-2017-7980 CVE-2015-8869)

Summary Multiple vulnerabilitieshave been identified in qemu-kvm and libguestfs. Qemu-kvm and libguestfs shipped with IBM SmartCloud Entry Appliance. IBM SmartCloud Entry Appliance has addressed the vulnerabilities. Vulnerability Details CVE-2016-9603 DESCRIPTION: Xen is vulnerable to a heap-base...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2017-1223)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 4.05 : qemu-kvm Multiple Vulnerabilities (NS-SA-2019-0108)

The remote NewStart CGSL host, running version MAIN 4.05, has qemu-kvm packages installed that are affected by multiple vulnerabilities: - Quick emulator QEMU built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying V...

qemu security update

15:3.1.0-3.el7 - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 15:3.1.0-2.el7 - x86: Add mds feature Karl Heubaum - e1000: Never increment the RX undersize count register...

qemu security update

15:3.0.0-1.el7 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28763782 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug: 28763774 CVE-2018-17962 - rtl8139: fix possible out of bound access Jason Wang Orabug: 28763765 CVE-2018-17958 - ne2000: fix possible ou...

qemu security update

12:2.9.0-17.el7 - i386: Remove generic SMT thread check Babu Moger Orabug: 28676425 - pc: Fix typo on PCCOMPAT212 Eduardo Habkost Orabug: 28676425 - i386: Enable TOPOEXT feature on AMD EPYC CPU Babu Moger Orabug: 28676425 - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28762625...

CVE-2017-2633

CVE-2017-2633 : Out-of-bounds memory access in QEMU's VNC display driver (vnc_refresh_server_surface) could allow a guest user to crash the QEMU process. Affected: QEMU versions before 1.7.2. Remediation/fix not described in the provided documents.

SUSE SLES11 Security Update : kvm (SUSE-SU-2018:0039-1) (Spectre)

This update for kvm fixes the following issues: A security flaw mitigation has been applied : - CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to allow enabling/disabling branch prediction features in the Intel CPU. bsc1068032 Also a...

SUSE-SU-2018:0019-1 Security update for kvm

This update for kvm fixes the following issues: Also a mitigation for a security flaw has been applied: - CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to allow enabling/disabling branch prediction features in the Intel CPU. bsc10680...

SUSE SLES11 Security Update : kvm (SUSE-SU-2018:0019-1) (Spectre)

This update for kvm fixes the following issues: Also a mitigation for a security flaw has been applied : - CVE-2017-5715: QEMU was updated to allow passing through new MSR and CPUID flags from the host VM to the CPU, to allow enabling/disabling branch prediction features in the Intel CPU...

SUSE SLES12 Security Update : qemu (SUSE-SU-2017:2969-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-15289: The mode4and5 write functions allowed local OS guest privileged users to cause a denial of service out-of-bounds write access and Qemu process crash via vectors related to dst calculation bsc1063122 -...

CentOS 7 : qemu-kvm (CESA-2017:1856)

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20170801)

Security Fixes : - An out-of-bounds memory access issue was found in Quick Emulator QEMU in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vncrefreshserversurface'. A user inside a guest could use this flaw to crash the QEMU process...

Oracle Linux 7 : qemu-kvm (ELSA-2017-1856)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-1856 advisory. - Resolves: bz1451614 CVE-2017-9524 qemu-kvm: segment fault when private user nmap qemu-nbd server rhel-7.4 - Resolves: bz1430060 CVE-2016-9603 qemu-kv...