6 matches found
USN-4467-2 qemu vulnerabilities
USN-4467-1 fixed several vulnerabilities in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that the QEMU SD memory card implementation incorrectly handled certain memory operations. An attacker inside a guest could possibly u...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4467-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4467-1 advisory. Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP ec...
USN-4467-1 qemu vulnerabilities
Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2020:2015-1)
This update for qemu to version 4.2.1 fixes the following issues : CVE-2020-10761: Fixed a denial of service in Network Block Device nbd support infrastructure bsc1172710. CVE-2020-13800: Fixed a denial of service possibility in ati-vga emulation bsc1172495. CVE-2020-13659: Fixed a NULL pointer...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2017:2864-1)
This update for xen fixes several issues: These security issues were fixed : - CVE-2017-5526: The ES1370 audio device emulation support was vulnerable to a memory leakage issue allowing a privileged user inside the guest to cause a DoS and/or potentially crash the Qemu process on the host...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)
This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...