RHEL 6 : kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 - The KVM subsystem in the Linux kernel befo...

RHEL 7 : kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 - Integer overflow in the VNC display driver...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1703-1)

qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

Security update for qemu (important)

qemu was updated to fix 29 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avoi...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1560-1)

qemu was updated to fix 37 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...

Updated qemu packages fix security vulnerabilities

Updated qemu packages fix security vulnerabilities: An out-of-bounds flaw was found in the QEMU emulator built using 'addressspacetranslate' to map an address to a MemoryRegionSection. The flaw could occur while doing pcidmaread/write calls, resulting in an out-of-bounds read-write access error. ...

Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-2974-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2974-1 advisory. Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue t...

Fedora 24 : xen-4.6.1-6.fc24 (2016-48e72b7bc5)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

Fedora 23 : xen-4.5.3-2.fc23 (2016-35d7b09908)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

Fedora 22 : xen-4.5.3-2.fc22 (2016-75063477ca)

x86 shadow pagetables: address width overflow XSA-173, CVE-2016-3960 Qemu: net: buffer overflow in stellarisenet emulator CVE-2016-4001 Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 qemu: Infinite loop vulnerability in usbehci using siTD process CVE-2016-4037 Note that Tenable...

DEBIAN-CVE-2016-4002

Buffer overflow in the mipsnetreceive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service memory corruption and QEMU crash or possibly execute arbitrary code via a packet larger than 1514 bytes...

CVE-2016-4002

Buffer overflow in the mipsnetreceive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service memory corruption and QEMU crash or possibly execute arbitrary code via a packet larger than 1514 bytes...

UBUNTU-CVE-2016-4002

Buffer overflow in the mipsnetreceive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service memory corruption and QEMU crash or possibly execute arbitrary code via a packet larger than 1514 bytes...

QEMU MIPSnet Emulator Buffer Overflow Vulnerability

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A buffer overflow vulnerability exists in the 'mipsnetreceive' function in QEMU's MIPSnet emulator. A remote attacker can exploit this vulnerability to cause a denial o...