19 matches found
CentOS 8 : virt:rhel (CESA-2020:4059)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4059 advisory. - QEMU: slirp: networking out-of-bounds read information disclosure vulnerability CVE-2020-10756 - QEMU: usb: out-of-bounds r/w access issue while...
CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...
CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...
CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...
RHEL 7 : qemu-kvm-rhev (RHSA-2020:4176)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:4176 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the...
Important: Red Hat Security Advisory: qemu-kvm-ma security update
An update for qemu-kvm-ma is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Net-SNMPd Write Access SNMP-EXTEND-MIB arbitrary code execution (authenticated)
Targets running Net-SNMPd may be vulnerable to remote code execution. If the service user has R/W access and the attacker knows the SNMP community string value, then the attacker can manipulate the target’s SNMP extension MIBs SNMP-EXTEND-MIB to enable and achieve remote code execution on the...
CVE-2018-16847
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvmecmbops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU...
CVE-2018-16847
An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvmecmbops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...
Apple iOS 10.2 (14C92) - Remote Code Execution
Apple iOS 10.2 14C92 - Remote Code Execution Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1317c3 The exploit achieves R/W access to the host's physical memory. This exploit has been tested on the iPhone 7, iOS 10.2 14C92. To run the exploit against different devices or...
Google Researcher Publishes PoC Exploit for Apple iPhone Wi-Fi Chip Hack
You have now another good reason to update your iPhone to newly released iOS 11—a security vulnerability in iOS 10 and earlier now has a working exploit publicly available. Gal Beniamini, a security researcher with Google Project Zero, has discovered a security vulnerability CVE-2017-11120 in...
OracleVM 3.4 : qemu-kvm (OVMSA-2017-0101)
The remote OracleVM system is missing necessary patches to address critical security updates : - kvm-cirrus-avoid-write-only-variables.patch bz1444377 bz1444379 - kvm-cirrus-stop-passing-around-dst-pointers-in-the-blitt .patch - kvm-cirrus-stop-passing-around-src-pointers-in-the-blitt .patch -...
Oracle Linux 6 : qemu-kvm (ELSA-2017-1206)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-1206 advisory. - Resolves: bz1444377 CVE-2017-7980 qemu-kvm: Qemu: display: cirrus: OOB r/w access issues in bitblt routines rhel-6.9.z - Resolves: bz1444379...
CVE-2015-8817
QEMU aka Quick Emulator built to use 'addressspacetranslate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pcidmaread/write calls. Affects QEMU versions = 1.6.0 and = 2.3.1. A privileged user inside guest could use this flaw to cra...
Design/Logic Flaw
QEMU aka Quick Emulator built to use 'addressspacetranslate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pcidmaread/write calls. Affects QEMU versions = 1.6.0 and = 2.3.1. A privileged user inside guest could use this flaw to cra...
Fedora 22 : 2:qemu (2016-ea3002b577)
CVE-2016-4002: net: buffer overflow in MIPSnet bz 1326083 - CVE-2016-4952 scsi: pvscsi: out-of-bounds access issue - CVE-2016-5106: scsi: megasas: out-of-bounds write bz 1339581 - CVE-2016-5105: scsi: megasas: stack information leakage bz 1339585 - CVE-2016-5107: scsi: megasas: out-of-bounds read...
Fedora 23 : xen-4.5.2-9.fc23 (2016-f4504e9445)
Qemu: nvram: OOB r/w access in processing firmware configurations CVE-2016-1714 1296080 Qemu: i386: NULL pointer dereference in vapicwrite CVE-2016-1922 1292767 qemu: Stack-based buffer overflow in megasasctrlgetinfo CVE-2015-8613 1293305 qemu-kvm: Infinite loop and out-of-bounds transfer start i...
Oracle Linux 7 : qemu-kvm (ELSA-2016-0083)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2016-0083 advisory. - Resolves: bz1298047 CVE-2016-1714 qemu-kvm: Qemu: nvram: OOB r/w access in processing firmware configurations rhel-7.2.z Tenable has extracted the preceding...