14 matches found
EUVD-2016-6288
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-9103
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The v9fsxattrcreate function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to obtain sensitive host heap memory information by...
CVE-2016-5337
The megasasctrlgetinfo function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information...
CVE-2016-9103
The v9fsxattrcreate function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them...
Ubuntu 14.04 LTS / 16.04 LTS : QEMU vulnerabilities (USN-3047-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3047-1 advisory. Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this...
CVE-2016-2538
Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...
Integer overflow
Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...
CVE-2016-2538
Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...
CVE-2016-5337
The megasasctrlgetinfo function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information...
Information disclosure
The megasasctrlgetinfo function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information...
CVE-2016-5337
The megasasctrlgetinfo function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information...
CVE-2016-5337
The megasasctrlgetinfo function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information...
Out-of-bounds
The vmsvgafiforeadraw function in hw/display/vmwarevga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service QEMU process crash by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read...
CVE-2016-4454
The vmsvgafiforeadraw function in hw/display/vmwarevga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service QEMU process crash by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read...