153 matches found
CVE-2018-10839
Qemu emulator = 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS...
UBUNTU-CVE-2018-10839
Qemu emulator = 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS...
CVE-2015-8743
QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...
Design/Logic Flaw
QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...
CVE-2015-8743
QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...
CVE-2015-8743
QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...
CVE-2015-8743
QEMU aka Quick Emulator built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged CAPSYSRAWIO user/process could use this flaw to leak or corrupt QEMU memory bytes...
CVE-2015-8743
CVE-2015-8743 affects QEMU with NE2000 device emulation. The flaw is an out-of-bounds read/write in ioport r/w operations, exploitable by a privileged (CAP_SYS_RAWIO) user to leak or corrupt QEMU memory. Public fixes exist (e.g., vendor security updates, notably in SUSE/OpenSUSE advisories) that ...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1703-1)
qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...
Security update for qemu (important)
qemu was updated to fix 29 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avoi...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1560-1)
qemu was updated to fix 37 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...
CVE-2016-2841
The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...
DEBIAN-CVE-2016-2841
The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...
Design/Logic Flaw
The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...
CVE-2016-2841
The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...
CVE-2016-2841
The ne2000receive function in the NE2000 NIC emulation support hw/net/ne2000.c in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via crafted values for the PSTART and PSTOP registers, involving ring buffer control...
Ubuntu: Security Advisory (USN-2974-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-2974-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2974-1 advisory. Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue t...
USN-2974-1 qemu, qemu-kvm vulnerabilities
Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-2391 Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A...
Fedora 22 : qemu-2.3.1-13.fc22 (2016-bfaf6a133b)
CVE-2016-2538: Integer overflow in usb module bz 1305815 CVE-2016-2841: ne2000: infinite loop bz 1304047 CVE-2016-2857: net: out of bounds read bz 1309564 CVE-2016-2392: usb: NULL pointer dereference bz 1307115 spice: fix spicechraddwatch crash bz 1315049 Note that Tenable Network Security has...