55 matches found
MiracleLinux 4 : qemu-kvm-0.12.1.2-2.506.AXS4.4 (AXSA:2019-3923:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3923:02 advisory. Security Fix - qemu-kvmsnprintf CVE-2019-9824 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux...
Linux Distros Unpatched Vulnerability : CVE-2019-9824
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. CVE-2019-9824 No...
Oracle Linux 7 : qemu-kvm (ELSA-2019-2078)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-2078 advisory. - Resolves: bz1669068 CVE-2019-6778 qemu-kvm: QEMU: slirp: heap buffer overflow in tcpemu rhel-7.7 - Resolves: bz1693217 CVE-2018-12126 qemu-kvm: hardware:...
Oracle Linux 7 : qemu (ELSA-2019-4640)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4640 advisory. - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127...
K29103455: QEMU 3.0.0 vulnerability CVE-2019-9824
Security Advisory Description tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. CVE-2019-9824 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
AlmaLinux 8 : virt:rhel (ALSA-2019:3345)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3345 advisory. ntfs-3g: heap-based buffer overflow leads to local root privilege escalation CVE-2019-9755 QEMU: slirp: information leakage in tcpemu due to uninitialized...
SUSE: Security Advisory (SUSE-SU-2019:1239-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:14001-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:14052-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1272-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0891-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:1238-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0825-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0921-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : virt:rhel (CESA-2019:3345)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3345 advisory. - QEMU: qxl: null pointer dereference while releasing spice resources CVE-2019-12155 - ntfs-3g: heap-based buffer overflow leads to local root privileg...
Virtuozzo 6 : qemu-guest-agent / qemu-img / qemu-kvm / etc (VZLSA-2019-1650)
An update for qemu-kvm is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Amazon Linux AMI : qemu-kvm (ALAS-2020-1408)
The version of qemu-kvm installed on the remote host is prior to 1.5.3-156.19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1408 advisory. tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading ...
Amazon Linux AMI : qemu-kvm (ALAS-2020-1400)
The version of qemu-kvm installed on the remote host is prior to 1.5.3-156.19. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1400 advisory. In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in...
Important: qemu-kvm
Issue Overview: In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code. CVE-2020-8608 tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1573)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...