Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : QEMU vulnerabilities (USN-3826-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3826-1 advisory. Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest...

USN-3826-1 qemu vulnerabilities

Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2018-10839 It was discovered that QEMU incorrectly handled the Slirp networking back-en...

Xen QEMU PCNET Controller Heap Overflow Vulnerability

Xen is a virtualization technology for the Linux kernel that allows multiple operating systems to run simultaneously. A heap overflow vulnerability exists in the Xen QEMU PCNET device controller, which allows an attacker to execute arbitrary code on the host in the context of a QEMU process...