76 matches found
MiracleLinux 8 : container-tools:1.0 (AXSA:2020-294:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-294:01 advisory. QEMU: slirp: OOB buffer access while emulating tcp protocols in tcpemu CVE-2020-7039 Modularity name: container-tools Stream name: 1.0 Tenable has extracted t...
MiracleLinux 8 : virt:rhel (AXSA:2020-322:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-322:01 advisory. QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server CVE-2020-1711 QEMU: slirp: OOB buffer access while emulating tcp...
Linux Distros Unpatched Vulnerability : CVE-2020-7039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buff...
Ubuntu: Security Advisory (USN-7094-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : container-tools:rhel8 (RLSA-2020:0348)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:0348 advisory. - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 - tcpemu in tcpsubr.c in libslirp 4.1.0, as used i...
Oracle Linux 7 : qemu-kvm (ELSA-2020-1116)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1116 advisory. - Resolves: bz1791560 CVE-2020-7039 qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcpemu rhel-7.8 - Resolves: bz1771961 CVE-2019-111...
RHEL 7 : qemu-kvm-rhev bug fix update (Important) (RHSA-2020:2342)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2342 advisory. - QEMU: slirp: heap buffer overflow during packet reassembly CVE-2019-14378 - QEMU: slirp: OOB buffer access while emulating tcp protocols i...
RHEL 8 : virt:8.1 (RHSA-2020:1261)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1261 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...
SUSE: Security Advisory (SUSE-SU-2020:14396-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0844-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1514-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1538-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 4.06 : qemu-kvm Multiple Vulnerabilities (NS-SA-2021-0004)
The remote NewStart CGSL host, running version MAIN 4.06, has qemu-kvm packages installed that are affected by multiple vulnerabilities: - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 - ipreass in ipinput.c in libslirp 4.0.0 has a heap-based...
Debian: Security Advisory (DLA-2551-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-4632-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4632-1 slirp vulnerabilities
It was discovered that the SLiRP networking implementation of the QEMU emulator did not properly manage memory under certain circumstances. An attacker could use this to cause a heap-based buffer overflow or other out- of-bounds access, which can lead to a denial of service application crash or...
CVE-2020-7039 affecting package qemu-kvm 4.2.0-48
CVE-2020-7039 affecting package qemu-kvm 4.2.0-48. A patched version of the package is available...
NewStart CGSL MAIN 4.05 : qemu-kvm Multiple Vulnerabilities (NS-SA-2020-0049)
The remote NewStart CGSL host, running version MAIN 4.05, has qemu-kvm packages installed that are affected by multiple vulnerabilities: - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 - ipreass in ipinput.c in libslirp 4.0.0 has a heap-based...
Oracle Linux 8 : container-tools:ol8 (ELSA-2020-0348)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0348 advisory. - Fix CVE-2019-10214 1734653. - addresses CVE-2019-18466 - drop upstreamed CVE-2019-10214 patch - Fix CVE-2019-10214 1734649. - rebuild because of CVE-2019-9512...
RHEL 8 : virt:rhel (RHSA-2020:1358)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1358 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...