USN-8412-1 qemu vulnerabilities

Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that the iSCSI block driver in QEMU incorrectly handled certain responses from an iSCSI server. A remote attacker could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary...

EUVD-2020-5111

Malware in sbrugna...

SUSE CVE-2020-12829

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while handling MMIO write operations through the sm5012denginewrite callback. A local attacker could abuse this flaw to crash the QEMU process in sm5012doperatio...

The vulnerability of the sm501_2d_operation function in the QEMU hardware emulation software, located in the sm501.c file, involves integer overflows, which allow attackers to compromise data integrity.

The vulnerability of the sm5012doperation function in the QEMU hardware emulation software, located in the sm501.c file, is related to integer overflows. Exploiting this vulnerability could allow an attacker to compromise data integrity...

SUSE: Security Advisory (SUSE-SU-2021:1244-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1632)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2021-1527)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw...

EulerOS 2.0 SP9 : qemu (EulerOS-SA-2021-1256)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while...

Denial Of Service (DoS)

QEMU is vulnerable to denial of service. An integer overflow in the SM501 display driver implementation allows an attacker to crash the QEMU process in sm5012doperation in hw/display/sm501.c on the host. The vulnerability exists in the COPYAREA macro while handling MMIO write operations through t...

In QEMU through 5.0.0 an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host resulting in a denial of service.

...

DEBIAN-CVE-2020-12829

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while handling MMIO write operations through the sm5012denginewrite callback. A local attacker could abuse this flaw to crash the QEMU process in sm5012doperatio...

CVE-2020-12829

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while handling MMIO write operations through the sm5012denginewrite callback. A local attacker could abuse this flaw to crash the QEMU process in sm5012doperatio...

CVE-2020-12829

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while handling MMIO write operations through the sm5012denginewrite callback. A local attacker could abuse this flaw to crash the QEMU process in sm5012doperatio...

Integer overflow

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while handling MMIO write operations through the sm5012denginewrite callback. A local attacker could abuse this flaw to crash the QEMU process in sm5012doperatio...

CVE-2020-12829

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while handling MMIO write operations through the sm5012denginewrite callback. A local attacker could abuse this flaw to crash the QEMU process in sm5012doperatio...

CVE-2020-12829

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while handling MMIO write operations through the sm5012denginewrite callback. A local attacker could abuse this flaw to crash the QEMU process in sm5012doperatio...

CVE-2020-12829

In QEMU

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4467-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4467-1 advisory. Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP ec...

USN-4467-1 qemu vulnerabilities

Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS...

CVE-2020-12829

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPYAREA macro while handling MMIO write operations through the sm5012denginewrite callback. A local attacker could abuse this flaw to crash the QEMU process in sm5012doperatio...