Lucene search
K

71 matches found

Tenable Nessus
Tenable Nessus
added 2018/08/21 12:0 a.m.54 views

CentOS 7 : qemu-kvm (CESA-2018:2462)

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.8CVSS7.1AI score0.00823EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2018/08/16 2:21 p.m.135 views

Important: Red Hat Security Advisory: qemu-kvm security and bug fix update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.8CVSS7AI score0.00823EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2018/08/16 2:21 p.m.12 views

QEMU: i386: multiboot OOB access while loading kernel image

Quick Emulator QEMU, compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mhloadendaddr address is greater than the mhbssendaddr address. A user or process...

8.8CVSS7.7AI score0.00614EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/05/30 12:0 a.m.72 views

Debian DSA-4213-1 : qemu - security update (Spectre)

Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2017-15038 Tuomas Tynkkynen discovered an information leak in 9pfs. - CVE-2017-15119 Eric Blake discovered that the NBD server insufficiently restricts large option requests, resulting in denial of service. -...

10CVSS7.4AI score0.74041EPSS
Exploits11References34
RedHat Linux
RedHat Linux
added 2018/05/22 1:47 a.m.6 views

QEMU: i386: multiboot OOB access while loading kernel image

Quick Emulator QEMU, compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mhloadendaddr address is greater than the mhbssendaddr address. A user or process...

8.8CVSS7.7AI score0.00614EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/05/22 1:45 a.m.5 views

QEMU: i386: multiboot OOB access while loading kernel image

Quick Emulator QEMU, compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mhloadendaddr address is greater than the mhbssendaddr address. A user or process...

8.8CVSS7.7AI score0.00614EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/05/22 1:41 a.m.5 views

QEMU: i386: multiboot OOB access while loading kernel image

Quick Emulator QEMU, compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mhloadendaddr address is greater than the mhbssendaddr address. A user or process...

8.8CVSS7.7AI score0.00614EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/05/22 1:41 a.m.11 views

QEMU: i386: multiboot OOB access while loading kernel image

Quick Emulator QEMU, compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mhloadendaddr address is greater than the mhbssendaddr address. A user or process...

8.8CVSS7.7AI score0.00614EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/05/17 12:0 a.m.70 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : QEMU vulnerabilities (USN-3649-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3649-1 advisory. Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this...

10CVSS7.8AI score0.03025EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2018/05/16 12:3 p.m.68 views

USN-3649-1: QEMU vulnerabilities

Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2017-16845 Cyrille...

10CVSS7.7AI score0.03025EPSS
Exploits0
OSV
OSV
added 2018/05/16 12:3 p.m.7 views

USN-3649-1 qemu vulnerabilities

Cyrille Chatras discovered that QEMU incorrectly handled certain PS2 values during migration. An attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2017-16845 Cyrille...

10CVSS7.1AI score0.03025EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/05/10 4:5 p.m.9 views

QEMU: i386: multiboot OOB access while loading kernel image

Quick Emulator QEMU, compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur while loading a kernel image during the guest boot, if mhloadendaddr address is greater than the mhbssendaddr address. A user or process...

8.8CVSS7.7AI score0.00614EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/03/23 12:0 a.m.55 views

openSUSE Security Update : qemu (openSUSE-2018-291) (Spectre)

This update for qemu fixes the following issues : This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. CVE-2017-5715 bsc1068032 The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by...

10CVSS7.7AI score0.74041EPSS
Exploits10References21
Tenable Nessus
Tenable Nessus
added 2018/03/22 12:0 a.m.51 views

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2018:0762-1) (Spectre)

This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. CVE-2017-5715 bsc1068032 The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by...

10CVSS7.6AI score0.74041EPSS
Exploits10References30
Tenable Nessus
Tenable Nessus
added 2018/03/06 12:0 a.m.239 views

Ubuntu 14.04 LTS / 16.04 LTS : QEMU regression (USN-3575-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3575-2 advisory. USN-3575-1 fixed vulnerabilities in QEMU. The fix for CVE-2017-11334 caused a regression in Xen environments. This update removes the problematic fix...

4.4CVSS6.3AI score0.00502EPSS
Exploits0References1
OSV
OSV
added 2018/03/01 5:29 p.m.1 views

DEBIAN-CVE-2018-7550

The loadmultiboot function in hw/i386/multiboot.c in Quick Emulator aka QEMU allows local guest OS users to execute arbitrary code on the QEMU host via a mhloadendaddr value greater than mhbssendaddr, which triggers an out-of-bounds read or write memory access...

8.8CVSS9.3AI score0.00614EPSS
Exploits0References1
OSV
OSV
added 2018/03/01 12:0 a.m.6 views

UBUNTU-CVE-2018-7550

The loadmultiboot function in hw/i386/multiboot.c in Quick Emulator aka QEMU allows local guest OS users to execute arbitrary code on the QEMU host via a mhloadendaddr value greater than mhbssendaddr, which triggers an out-of-bounds read or write memory access...

8.8CVSS7.2AI score0.00614EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2018/02/28 12:0 a.m.6 views

PT-2018-1904 · Qemu +5 · Qemu +5

Name of the Vulnerable Software and Affected Versions: Qemu affected versions not specified Description: The issue is related to the load multiboot function in Qemu, which can lead to an out-of-bounds read or write memory access when using multiboot. This can allow an attacker to execute arbitrar...

10CVSS8.1AI score0.74041EPSS
Exploits24References218
OSV
OSV
added 2018/02/20 7:12 p.m.4 views

USN-3575-1 qemu vulnerabilities

It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2017-11334 David Buchanan discovered that QEMU...

10CVSS7.1AI score0.11931EPSS
Exploits5References14
Tenable Nessus
Tenable Nessus
added 2017/12/18 12:0 a.m.54 views

EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2017-1321)

According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Quick Emulator QEMU, compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The...

8.8CVSS7.3AI score0.00603EPSS
Exploits0References3
Rows per page
Query Builder