EUVD-2017-16510

Malware in sbrugna...

EUVD-2016-10406

Malware in sbrugna...

SUSE CVE-2016-9602

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host...

SUSE CVE-2017-7471

Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...

SUSE CVE-2017-7493

Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System9pfs support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges...

SUSE: Security Advisory (SUSE-SU-2019:0423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:13962-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0582-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4725-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4725-1: QEMU vulnerabilities

It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2020-11947 Alexander Bulekov discovered tha...

USN-4725-1 qemu vulnerabilities

It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2020-11947 Alexander Bulekov discovered tha...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-4725-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4725-1 advisory. It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this...

Privilege Escalation

qemu is vulnerable to privilege escalation. An improper access control allows an attacker to obtain higher privileges by exploiting the vulnerability while accessing the virtfs metadata files in mapped-file security mode...

Privilege Escalation

Qemu is vulnerable to privilege escalation. An improper link following occurs when building with the VirtFS. A privileged user inside guest can exploit the vulnerability to access host file system beyond the shared folder and potentially escalating their privileges on a host...

CVE-2017-7471

Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System 9pfs support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to access host file system...

CVE-2017-7493

Quick Emulator Qemu built with the VirtFS, host directory sharing via Plan 9 File System9pfs support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges...

EulerOS Virtualization 3.0.1.0 : qemu (EulerOS-SA-2019-1444)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the network, if the siz...

openSUSE Security Update : qemu (openSUSE-2019-254)

This update for qemu fixes the following issues : Security issues fixed : - CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation bsc1123156. - CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp bsc1119493. -...

Security update for qemu (important)

openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2019:0254-1 Rating: important References: 1063993 1079730 1100408 1101982 1112646 1114957 1116717 1117275 1119493 1121600 1123156 1123179 Cross-References: CVE-2018-16872 CVE-2018-18954 CVE-2018-19364 CVE-2018-19489...

SUSE SLES12 Security Update : qemu (SUSE-SU-2019:0489-1)

This update for qemu fixes the following issues : Security issues fixed : CVE-2019-6778: Fixed a heap buffer overflow issue in the SLiRP networking implementation bsc1123156. CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp bsc1119493. CVE-2018-19489:...