EUVD-2015-5257

Malware in sbrugna...

EUVD-2015-5258

Malware in sbrugna...

RHEL 7 : kvm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Qemu: net: buffer overflow in MIPSnet emulator CVE-2016-4002 - Integer overflow in the VNC display driver...

CVE-2015-5278

The ne2000receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service infinite loop and instance crash or possibly execute arbitrary code via vectors related to receiving packets...

Code injection

The ne2000receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service infinite loop and instance crash or possibly execute arbitrary code via vectors related to receiving packets...

CVE-2015-5278

The ne2000receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service infinite loop and instance crash or possibly execute arbitrary code via vectors related to receiving packets...

CVE-2015-5278

The ne2000receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service infinite loop and instance crash or possibly execute arbitrary code via vectors related to receiving packets...

CVE-2015-5278

The CVE-2015-5278 entry concerns QEMU’s ne2000_receive() in hw/net/ne2000.c, where an attacker could trigger an infinite loop and crash the QEMU instance, potentially enabling arbitrary code execution via crafted network packets. Public sources in the CVE context confirm the vulnerability exists ...

Fedora 23 : xen-4.5.2-9.fc23 (2016-f4504e9445)

Qemu: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714 1296080 Qemu: i386: NULL pointer dereference in vapicwrite CVE-2016-1922 1292767 qemu: Stack-based buffer overflow in megasasctrlgetinfo CVE-2015-8613 1293305 qemu-kvm: Infinite loop and out-of-bounds transfer start i...

xen security update

3.0.3-147.el5 - net: add checks to validate ring buffer pointers - Resolves: bz1263273 xen: qemu: Heap overflow vulnerability in ne2000receive function...

Oracle Linux 5 : kvm (ELSA-2015-1925)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1925 advisory. kvm-83-274.0.1.el5 - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch kvm-83.274.el5 -...

CVE-2015-5279

Heap-based buffer overflow in the ne2000receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service instance crash or possibly execute arbitrary code via vectors related to receiving packets...

Fedora 23 : qemu-2.4.0-4.fc23 (2015-16370)

CVE-2015-6815: net: e1000: infinite loop issue bz 1260225 CVE-2015-6855: ide: divide by zero issue bz 1261793 CVE-2015-5278: Infinite loop in ne2000receive bz 1263284 CVE-2015-5279: Heap overflow vulnerability in ne2000receive bz 1263287 ---- Fix emulation of various instructions, required by...

QEMU ne2000_receive() Denial of Service Vulnerability

QEMU is an open source emulator software. A denial-of-service vulnerability exists in QEMU's ne2000receive, which allows a privileged user on a local Guest system to crash a QEMU instance...

QEMU ne2000_receive() buffer overflow vulnerability

QEMU is an open source emulator software. A buffer overflow vulnerability exists in QEMU's ne2000receive, which allows a privileged user on a local Guest system to crash a QEMU instance or possibly execute arbitrary code...

CVE-2015-5278

The ne2000receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service infinite loop and instance crash or possibly execute arbitrary code via vectors related to receiving packets...