33 matches found
CVE-2015-5154
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands...
CVE-2015-5154
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands...
SUSE-SU-2015:1409-1 Security update for kvm
kvm was updated to fix one security issue. This security issue was fixed: - CVE-2015-5154: Host code execution via IDE subsystem CD-ROM bsc938344...
SUSE-SU-2015:1426-1 Security update for kvm
kvm was updated to fix two security issues. The following vulnerabilities were fixed: - CVE-2015-5154: Host code execution via IDE subsystem CD-ROM bsc938344. - CVE-2015-3209: Fix buffer overflow in pcnet emulation bsc932770...
FreeBSD : qemu, xen-tools -- QEMU heap overflow flaw with certain ATAPI commands (da451130-365d-11e5-a4a5-002590263bf5)
The Xen Project reports : A heap overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the...
Xen Patches VM Escape Flaw
The Xen Project has patched a serious vulnerability that could allow an attacker in a guest virtual machine to escape and gain the ability to run arbitrary code on the host machine. The vulnerability is in the QEMU open source machine emulator that ships as part of the Xen hypervisor. The problem...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2015:1302-1)
xen was updated to fix two security issues. These security issues were fixed : - CVE-2015-3259: xl command line config handling stack overflow bsc935634, XSA-137. - CVE-2015-5154: Host code execution via IDE subsystem CD-ROM bsc938344. The update package also includes non-security fixes. See...
SUSE SLED11 / SLES11 Security Update : xen (SUSE-SU-2015:1299-1)
xen was updated to fix two security issues. These security issues were fixed : - CVE-2015-3259: xl command line config handling stack overflow bsc935634, XSA-137. - CVE-2015-5154: Host code execution via IDE subsystem CD-ROM bsc938344. The update package also includes non-security fixes. See...
Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20150727)
A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the...
qemu: ide: atapi: heap overflow during I/O buffer memory access
A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the...
QEMU heap overflow flaw while processing certain ATAPI commands.
ISSUE DESCRIPTION The QEMU security team has predisclosed the following advisory: A heap overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with CDROM drive enabled could potentially use thi...
qemu, xen-tools -- QEMU heap overflow flaw with certain ATAPI commands
The Xen Project reports: A heap overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the...
SUSE-SU-2015:1455-1 Security update for kvm
kvm was updated to fix one security issue. This security issue was fixed: - CVE-2015-5154: Host code execution via IDE subsystem CD-ROM bsc938344...