7 matches found
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1703-1)
qemu was updated to fix 29 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...
Security update for qemu (important)
qemu was updated to fix 29 security issues. These security issues were fixed: - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avoi...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2016:1560-1)
qemu was updated to fix 37 security issues. These security issues were fixed : - CVE-2016-4439: Avoid OOB access in 53C9X emulation bsc980711 - CVE-2016-4441: Avoid OOB access in 53C9X emulation bsc980723 - CVE-2016-4952: Avoid OOB access in Vmware PV SCSI emulation bsc981266 - CVE-2015-8817: Avo...
CVE-2016-2392
The isrndis function in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash via vectors...
Integer overflow
Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...
CVE-2016-2538
Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...
CVE-2016-2392
The isrndis function in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash via vectors...