Security Bulletin: PowerKVM is affected by a Qemu vulnerability (CVE-2015-1779)

Summary PowerKVM is vulnerable to Qemu vulnerability CVE-2015-1779. Vulnerability Details CVEID: CVE-2015-1779 DESCRIPTION: QEMU is vulnerable to a denial of service, caused by an error when processing incoming frames by the websocket frame decoder. A remote attacker from within the local network...

Moderate: Red Hat Security Advisory: qemu-kvm security update

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fr...

Mandriva Linux Security Advisory : qemu (MDVSA-2015:210)

Updated qemu packages fix security vulnerabilities : A denial of service flaw was found in the way QEMU handled malformed Physical Region Descriptor Table PRDT data sent to the host's IDE and/or AHCI controller emulation. A privileged guest user could use this flaw to crash the system rhbz1204919...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...