EUVD-2016-4733

Malware in sbrugna...

SUSE CVE-2016-3712

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash by editing VGA registers in VBE mode...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2016-1066)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Description of the security update for Office 2013: June 13, 2017

Description of the security update for Office 2013: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

FIN7 Evolution and the Phishing LNK

FIN7 is a financially-motivated threat group that has been associated with malicious operations dating back to late 2015. FIN7 is referred to by many vendors as “Carbanak Group”, although we do not equate all usage of the CARBANAK backdoor with FIN7. FireEye recently observed a FIN7 spear phishin...

qemu-kvm: Out-of-bounds read when creating weird vga screen surface

An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance...

qemu-kvm: Out-of-bounds read when creating weird vga screen surface

An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance...

Scientific Linux Security Update : kvm on SL5.x x86_64 (20160927)

Security Fixes : - An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges ...

qemu: incorrect banked access bounds checking in vga module

An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...

Fedora 22 : xen (2016-8fd9019541)

in systemd only try to load kernel modules that are in Fedora 1291089 x86 software guest page walk PS bit handling flaw XSA-176, CVE-2016-4480 1332657 ---- create link to /usr/bin/qemu-system-i386 from /usr/lib/xen/bin for back compatibility and for virt-manager, cleaner fix for XSA-179 on...

Fedora 23 : xen (2016-f1c21e3c3c)

qemu-kvm: Integer overflow in SDL when creating too wide screen QEMU: Banked access to VGA memory VBE uses inconsistent bounds checks XSA-179, CVE-2016-3710, CVE-2016-3712 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

FreeBSD : xen-tools -- QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks (e6ce6f50-4212-11e6-942d-bc5ff45d0f28)

The Xen Project reports : Qemu VGA module allows banked access to video memory using the window at 0xa00000 and it supports different access modes with different address calculations. Qemu VGA module allows guest to edit certain registers in 'vbe' and 'vga' modes. A privileged guest user could us...

CVE-2016-3712

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash by editing VGA registers in VBE mode...

Integer overflow

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash by editing VGA registers in VBE mode...

CVE-2016-3712

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash by editing VGA registers in VBE mode...

CVE-2016-3712

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash by editing VGA registers in VBE mode...

Important: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

qemu: incorrect banked access bounds checking in vga module

An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...

qemu: incorrect banked access bounds checking in vga module

An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...

qemu: incorrect banked access bounds checking in vga module

An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions VBE support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU...