qemu-kvm security and bug fix update

0.12.1.2-2.415.el65.10 - kvm-virtio-out-of-bounds-buffer-write-on-invalid-state-l.patch bz1095692 - kvm-usb-sanity-check-setupindex-setuplen-in-postload.patch bz1095743 - kvm-usb-sanity-check-setupindex-setuplen-in-postload-2.patch bz1095743 -...

Debian DSA-2933-1 : qemu-kvm - security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in ...

Debian DSA-2932-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. -...

[SECURITY] [DSA 2933-1] qemu-kvm security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2933-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 19, 2014 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2933-1] qemu-kvm security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2933-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano May 19, 2014 http://www.debian.org/security/faq -...

DSA-2933-1 qemu-kvm - security update

Bulletin has no description...

Debian Security Advisory DSA 2933-1 (qemu-kvm - security update)

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a...

CVE-2014-2894

Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...

CVE-2014-2894

CVE-2014-2894 affects QEMU prior to 2.0, due to an off-by-one error in the cmd_smart function of the smart self test (hw/ide/core.c) that can trigger a buffer underflow and memory corruption via SMART EXECUTE OFFLINE. Local users are potentially affected; remediation is to upgrade to patched QEMU...

CVE-2014-2894

Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...

CVE-2014-2894

Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...

PT-2014-4951 · Qemu +5 · Qemu +5

Name of the Vulnerable Software and Affected Versions: QEMU versions prior to 2.0 Description: The issue is caused by an off-by-one error in the cmd smart function in the smart self test in hw/ide/core.c. This error can be triggered by a SMART EXECUTE OFFLINE command, leading to a buffer underflo...