26 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-29129
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-1014)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5009-2: libslirp vulnerabilities
USN-5009-1 fixed vulnerabilities in libslirp. This update provides the corresponding updates for Ubuntu 21.10. Original advisory details: Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive...
Ubuntu: Security Advisory (USN-5009-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5009-1: libslirp vulnerabilities
Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. CVE-2020-29129, CVE-2020-29130 It was discovered th...
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:1942-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Amazon Linux 2 : qemu (ALAS-2021-1671)
The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1671 advisory. A heap buffer overflow flaw was found in the iSCSI support of QEMU. This flaw could lead to an out-of- bounds read access and...
SUSE: Security Advisory (SUSE-SU-2021:1947-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:1942-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2021:1918-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1918-1 advisory. - CVE-2020-10756: Fix out-of-bounds read information disclosure in icmp6sendechoreply bsc1172380 Tenable has extracted the precedin...
SUSE: Security Advisory (SUSE-SU-2021:1243-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:1893-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:1762)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1762 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
RLSA-2021:1762 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...
openSUSE: Security Advisory for qemu (openSUSE-SU-2021:0600-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:1243-1)
This update for qemu fixes the following issues : CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 CVE-2020-25625: Fix infinite lo...
qemu security update
15:4.2.1-4.el7 - Document CVE-2020-25723 as fixed Mark Kanda Orabug: 32222397 CVE-2020-25084 CVE-2020-25723 - hw/net/e1000e: advance descoffset in case of null descriptor Prasad J Pandit Orabug: 32217517 CVE-2020-28916 - i386: Add 2nd Generation AMD EPYC processors Moger, Babu Orabug: 32217570 -...
Fedora: Security Advisory for libslirp (FEDORA-2020-77f93f41be)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 33 : libslirp (2020-77f93f41be)
Fix CVE-2020-29129 CVE-2020-29130 out-of-bounds access while processing ARP/NCSI packets Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...