222 matches found
CVE-2016-9776
QEMU aka Quick Emulator built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcffecreceive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading t...
CVE-2016-9776
QEMU aka Quick Emulator built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcffecreceive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading t...
CVE-2016-9776
CVE-2016-9776 affects QEMU’s ColdFire Fast Ethernet Controller (mcf_fec_receive) and can trigger an infinite loop when processing received packets. This could allow a privileged guest user to crash the QEMU host process, causing a Denial of Service. Public advisories for related products (PowerKV...
CVE-2016-9776
QEMU aka Quick Emulator built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcffecreceive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading t...
Debian DLA-698-1 : qemu security update
Several vulnerabilities were discovered in qemu, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2016-7909 Quick EmulatorQemu built with the AMD PC-Net II emulator support is vulnerable to an infinite loop issue. It could occur...
[SECURITY] [DLA 689-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u18 CVE ID : CVE-2016-7909 CVE-2016-8909 CVE-2016-8910 Debian Bug : 839834 841950 841955 842455 842463 Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware based on Quick EmulatorQemu. The Common...
QEUM Denial of Service Vulnerability (CNVD-2016-10301)
QEMU is a set of analog processors written by Fabrice Bellard that distributes source code under the GPL license and is widely used on the GNU/Linux platform. The QEMU RTL8139 Ethernet Controller Emulation Support Triggerable Dead Loop contains a security vulnerability that can be exploited by...
Potential vulnerability in the Intel® Ethernet Controller X710 and XL710 product families
Summary: A vulnerability was identified in the Intel Ethernet Controller X710 and XL710 product family NVM image v5.02 and v5.03. Intel released an update to mitigate this issue on 31MAY2016. Description: Intel has found a security vulnerability in the v5.02 and v5.03 release of the NVM images fo...
RHEL 6 : kernel (RHSA-2016:1100)
An update for kernel is now available for Red Hat Enterprise Linux 6.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 6.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2016-4001
Buffer overflow in the stellarisenetreceive function in hw/net/stellarisenet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service QEMU crash via a large packet...
CVE-2016-4001
Buffer overflow in the stellarisenetreceive function in hw/net/stellarisenet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service QEMU crash via a large packet...
Updated qemu packages fix security vulnerabilities
Updated qemu packages fix security vulnerabilities: An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. ...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-2974-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2974-1 advisory. Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue t...
Debian DSA-3470-1 : qemu-kvm - security update
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service via resource exhaustion, that could occur when receiving large...
Debian Security Advisory DSA 3470-1 (qemu-kvm - security update)
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service via resource exhaustion, that could occur when receiving large packet...
Debian Security Advisory DSA 3471-1 (qemu - security update)
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...
PT-2015-1324 · Qemu +5 · Qemu +5
Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: The issue is caused by a heap-based buffer overflow in the PCNET controller. Exploitation of this issue may allow a remote attacker to execute arbitrary code by sending a packet with TXSTATUS...
Schneider Electric PLC ETY Series Ethernet Controller - Denial of Service
No description provided by source. Telnet server of Schenider Electric ETY Series Controllers have a security problem. We noticed that while we are connected to the PLC through telnet, if we call telnet instance inside VxWorks again it can cause the device to crash. The telnet instance name is...
Flaw in Intel Ethernet controller exposes to 'packet of death' attack
The hardware qualification is a very important issue, recent vulnerabilities discovered in network appliances of various manufacturer have alerted security community once again on the necessity to validate the hardware especially for large consume product. The last news is related to a...