34 matches found
EUVD-2019-16336
Malware in sbrugna...
EUVD-2019-19186
Malware in sbrugna...
K29103455: QEMU 3.0.0 vulnerability CVE-2019-9824
Security Advisory Description tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. CVE-2019-9824 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K17520069: QEMU 3.0.0 heap-based buffer overflow CVE-2019-6778
Security Advisory Description In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow. CVE-2019-6778 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for...
SUSE CVE-2020-7039
tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...
AlmaLinux 8 : virt:rhel (ALSA-2020:1358)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1358 advisory. QEMU: block: iscsi: OOB heap access via an unexpected response of iSCSI Server CVE-2020-1711 QEMU: slirp: OOB buffer access while emulating tcp protocols ...
AlmaLinux 8 : virt:rhel (ALSA-2019:3345)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3345 advisory. ntfs-3g: heap-based buffer overflow leads to local root privilege escalation CVE-2019-9755 QEMU: slirp: information leakage in tcpemu due to uninitialized...
CentOS 8 : virt:rhel (CESA-2019:3345)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:3345 advisory. - QEMU: qxl: null pointer dereference while releasing spice resources CVE-2019-12155 - ntfs-3g: heap-based buffer overflow leads to local root privileg...
RHEL 8 : virt:rhel (RHSA-2020:1344)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1344 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packag...
RHEL 7 : qemu-kvm-rhev (RHSA-2020:1300)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1300 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...
QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu()
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the tcpemu routine while emulating IRC and other protocols. An attacker could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential...
The vulnerability of the TCP/IP emulator tcp_emu(), Slirp emulator, and the hardware emulation software QEMU allows a hacker to induce a service failure.
The vulnerability of the tcpemu function slirp/tcpsubr.c of the Slirp TCP/IP emulator and the QEMU hardware emulation software is related to the execution of operations outside the data buffer “scrcv-sbdata”. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2020-7039
tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...
CVE-2020-7039
tcpemu in tcpsubr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code...
CVE-2020-7039
CVE-2020-7039 affects SLiRP’s tcp_emu in libslirp (used by QEMU 4.2.0); memory mismanagement can cause a heap-based buffer overflow leading to DoS or potential arbitrary code execution. Public advisories confirm fixes are shipped in updated qemu-kvm/qemu releases (e.g., Debian: 1:1.0.17-8+deb9u1;...
RHEL 8 : virt:rhel (RHSA-2019:3345)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3345 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
RHEL 6 : qemu-kvm (RHSA-2019:2892)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2892 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...
NewStart CGSL MAIN 4.06 : qemu-kvm Vulnerability (NS-SA-2019-0176)
The remote NewStart CGSL host, running version MAIN 4.06, has qemu-kvm packages installed that are affected by a vulnerability: - tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure. CVE-2019-9824 Note that...
CentOS 7 : qemu-kvm (CESA-2019:1883)
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RHEL 7 : qemu-kvm (RHSA-2019:1883)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1883 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the...