EUVD-2016-5431

Malware in sbrugna...

SUSE CVE-2016-4439

The espregwrite function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash or potentially execute arbitrary code o...

Debian DLA-574-1 : qemu-kvm security update

Multiple vulnerabilities have been discovered in qemu-kvm, a full virtualization solution on x86 hardware. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2015-5239 Lian Yihan discovered that QEMU incorrectly handled certain payload messages in the VNC...

CVE-2016-4439

The espregwrite function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash or potentially execute arbitrary code o...

CVE-2016-4441

CVE-2016-4441 affects QEMU’s 53C9X FSC emulation (esp.c) where get_cmd() can write out-of-bounds to the information transfer buffer due to DMA length not being checked. This local-privilege vulnerability can crash the QEMU process or allow potential arbitrary code execution via crafted SCSI comma...

UBUNTU-CVE-2016-4439

The espregwrite function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash or potentially execute arbitrary code o...