12 matches found
EUVD-2021-34014
Malicious code in bioql PyPI...
SUSE: Security Advisory (SUSE-SU-2015:0349-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to crash the QEMU process,...
DEBIAN-CVE-2020-1711
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block LBA in an iscsicoblockstatus routine. A remote user could use this flaw to...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix two security issues are now available for Red Hat Enterprise Linux OpenStack Platform 4 and 5 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base...
USN-2342-1 qemu, qemu-kvm vulnerabilities
Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,...
qemu security update
CentOS Errata and Security Advisory CESA-2014:1075 Updated qemu-kvm packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS ba...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix several security issues are now available for Red Hat Enterprise Linux OpenStack Platform 3.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Qemu: block: multiple integer overflow flaws
Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service crash via a crafted catalog size in 1 the parallelsopen function in block/parallels.c or 2 bochsopen function in bochs.c, a large L1 table in the 3 qcow2snapshotloadtmp i...
Qemu: block: missing input validation
QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privilege...
Qemu: block: possible crash due signed types or logic error
Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling updaterefcount routine...
RHEL 5 : xen (RHSA-2008:0194)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2008:0194 advisory. - xen xenmon.py / xenbaked insecure temporary file accesss CVE-2007-3919 - QEMU Buffer overflow via crafted net socket listen option...