17 matches found
EUVD-2020-12566
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-1711
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCS...
CentOS 7 : qemu-kvm-ma (RHSA-2020:1150)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1150 advisory. - An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming...
NewStart CGSL MAIN 6.06 : qemu Multiple Vulnerabilities (NS-SA-2023-0132)
The remote NewStart CGSL host, running version MAIN 6.06, has qemu packages installed that are affected by multiple vulnerabilities: - In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 fixed, when executing script in...
SUSE CVE-2020-1711
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to...
NewStart CGSL MAIN 6.02 : qemu Multiple Vulnerabilities (NS-SA-2022-0087)
The remote NewStart CGSL host, running version MAIN 6.02, has qemu packages installed that are affected by multiple vulnerabilities: - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 - An out-of-bounds read/write access flaw was found in the USB...
AlmaLinux 8 : virt:rhel (ALSA-2020:1358)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1358 advisory. QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server CVE-2020-1711 QEMU: slirp: OOB buffer access while emulating tcp protocols ...
Arbitrary Code Execution
qemu is vulnerable to arbitrary code execution. The vulnerability exists through an out-of-bounds heap buffer access flaw caused by the way the iSCSI Block driver handles a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routi...
[SECURITY] [DLA 2373-1] qemu security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2373-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA September 13, 2020 https://wiki.debian.org/LTS -...
Oracle Linux 8 : virt:ol (ELSA-2020-1358)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1358 advisory. - Resolves: bz1791565 CVE-2020-7039 virt:rhel/qemu-kvm: QEMU: slirp: OOB buffer access while emulating tcp protocols in tcpemu rhel-8.1.0.z - Resolves:...
CVE-2020-1711
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to crash the QEMU process,...
QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to crash the QEMU process,...
Important: qemu
Issue Overview: tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. CVE-2020-7039 An...
QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to crash the QEMU process,...
CVE-2020-1711
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to...
Heap overflow
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to...
UBUNTU-CVE-2020-1711
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to...