73 matches found
CVE-2019-11885
eyeDisk implements the unlock feature by sending a cleartext password. The password can be discovered by sniffing USB traffic or by sending a 06 05 52 41 01 b0 00 00 00 00 00 00 SCSI command...
Authorization Bypass
Linux kernel-rt is vulnerable to authorization bypass. The default SCSI command filter block/scsiioctl.c does not accommodate commands that overlap across device classes, allowing local users to bypass intended access restrictions to write arbitrary data to a read-only LUN via an SGIO ioctl call...
The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure
The vulnerability of the megasasctrlgetinfo function in the QEMU hardware emulation driver is caused by a buffer overflow on the stack. Exploiting this vulnerability allows an attacker, operating locally, to trigger a service failure using a SCSI controller that executes the CTRLGETINFO command...
CVE-2016-4952
QEMU aka Quick Emulator, when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds array access via vectors related to the 1 PVSCSICMDSETUPRINGS or 2 PVSCSICMDSETUPMSGRING SCSI command...
Design/Logic Flaw
QEMU aka Quick Emulator, when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds array access via vectors related to the 1 PVSCSICMDSETUPRINGS or 2 PVSCSICMDSETUPMSGRING SCSI command...
DEBIAN-CVE-2016-4441
The getcmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via unspecified vectors, involving an SCSI command...
CVE-2016-4441
The getcmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via unspecified vectors, involving an SCSI command...
CVE-2016-4441
The getcmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller FSC support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via unspecified vectors, involving an SCSI command...
CentOS 7 : kernel (CESA-2016:1033)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
CentOS Update for kernel CESA-2015:1042 centos5
Check the version of kernel SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882189";...
CentOS 5 : kernel (CESA-2015:1042)
Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...
kernel security update
CentOS Errata and Security Advisory CESA-2015:1042 Updated kernel packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS...
RHEL 6 : rhev-hypervisor6 (RHSA-2013:0579)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0579 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...
MGASA-2013-0341 Updated qemu package fixes security vulnerability
A buffer overflow flaw was found in the way QEMU processed the SCSI "REPORT LUNS" command when more than 256 LUNs were specified for a single SCSI target. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code...
Amazon Linux AMI : kernel (ALAS-2012-34)
The Linux kernel before 3.2.2 does not properly restrict SGIO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to 1 a partition block device or 2 an LVM volume. C Tenable Network Security, Inc. The descriptive text a...
Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2013-2523)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-2523 advisory. - block: default SCSI command filter does not accomodate commands overlap across device classes Jamie Iles Orabug: 16387137 CVE-2012-4542 - KVM: x86: Conver...
Unbreakable Enterprise kernel security and bugfix update
2.6.39-400.23.1 - Parallel mtrr init between cpus Zhenzhong Duan Orabug: 16777774 - Merge tag 'v2.6.39-400.21.1.16748891' of git://ca-git.us.oracle.com/linux-uek-2.6.39-ofed into uek-2.6.39-400 Maxim Uvarov Orabug: 16748891 - xen-blkfront: use a different scatterlist for each request Roger Pau...
CentOS Update for kernel CESA-2013:0496 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 6 : kernel (CESA-2013:0496)
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 6. This is the fourth regular update. The Red Hat Security Response Team has...