56 matches found
CVE-2026-0665
An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potential memory corruption...
PT-2026-4318
Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description An error in QEMU’s KVM Xen guest support allows a malicious guest to cause out-of-bounds heap accesses within the QEMU process. This is triggered through the emulated Xen physdev hypercall...
EUVD-2013-4257
Malware in sbrugna...
EUVD-2015-5173
Malware in sbrugna...
EUVD-2012-3470
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-12892
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an...
SUSE CVE-2013-4375
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service domain grant reference consumption via unspecified vectors...
SUSE CVE-2015-2756
QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service non-maskable interrupt and host crash by disabling the 1 memory or 2 I/O decoding for a PCI Express device and then accessing...
SUSE CVE-2015-7311
libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image...
SUSE CVE-2016-9381
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability...
SUSE CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
SUSE: Security Advisory (SUSE-SU-2015:1384-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
Design/Logic Flaw
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
UBUNTU-CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
DEBIAN-CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
ALPINE-CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
CVE-2018-12892
An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or in some situations users may be able to write to supposedly read-only di...
libxl fails to honour readonly flag on HVM emulated SCSI disks
ISSUE DESCRIPTION libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. IMPACT Malicious guest administrators or in some situations users may be able to write to supposedly read-only disk images. VULNERABLE...
Information leak via crafted user-supplied CDROM
ISSUE DESCRIPTION QEMU handles many different file formats for virtual disks e.g., raw, qcow2, vhd, &c. Some of these formats are "snapshots" that specify "patches" to an alternate disk image, whose filename is included in the snapshot file. When qemu is given a disk but the type is not specified...