515 matches found
PT-2015-4876
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description The issue allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory. This is due to a problem in the drivers/xen/usbback/usbback.c...
qemu: insufficient parameter validation during ram load
It was found that certain values that were read when loading RAM during migration were not validated. A user able to alter the savevm data either on the disk or over the wire during migration could use either of these flaws to corrupt QEMU process memory on the destination host, which could...
VMSA-2015-0001:VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
VMSA-2015-0001.2 VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2015-0001.2 VMware Security Advisory Synopsis: VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates...
Qemu: information leakage when guest sets high resolution
An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest...
USN-2409-1 qemu, qemu-kvm vulnerabilities
Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. CVE-2014-3615 Xavier Mehrenberger and Stephane Duverger discovered that QEMU...
DEBIAN-CVE-2014-3615
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution...
CVE-2014-3615
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution...
CVE-2014-3615
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution...
Design/Logic Flaw
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution...
CVE-2014-3615
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution...
CVE-2014-3615
CVE-2014-3615 concerns the VGA emulator in QEMU. The issue allows a privileged guest (local to the host) to read host memory by setting the display to a high resolution, due to a memory-access flaw in VGA emulation. Public context in connected advisories confirms this was addressed by backporting...
CVE-2014-3615
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution...
CVE-2014-3615
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution...
UBUNTU-CVE-2014-3615
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution...
Qemu: information leakage when guest sets high resolution
An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest...
Qemu: qcow1: validate L2 table size to avoid integer overflows
An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with...
Qemu: qcow1: validate image size to avoid out-of-bounds memory access
An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with...
Qemu: qcow1: validate image size to avoid out-of-bounds memory access
An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with...
Qemu: qcow1: validate L2 table size to avoid integer overflows
An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with...
Qemu: qcow1: validate image size to avoid out-of-bounds memory access
An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with...