SUSE-SU-2023:3495-1 Security update for xen

This update for xen fixes the following issues: - CVE-2023-20569: Fixed x86/AMD Speculative Return Stack Overflow XSA-434 bsc1214082. - CVE-2022-40982: Fixed x86/Intel Gather Data Sampling XSA-435 bsc1214083. - CVE-2023-20593: Fixed x86/AMD Zenbleed XSA-433 bsc1213616...

Debian DLA-1128-1 : qemu-kvm security update

Multiple vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick EmulatorQemu. CVE-2017-14167 Incorrect validation of multiboot headers could result in the execution of arbitrary code. CVE-2017-15038 When using...

DLA-689-1 qemu-kvm - security update

Bulletin has no description...

x86: Mishandling of instruction pointer truncation during emulation

ISSUE DESCRIPTION When emulating HVM instructions, Xen uses a small i-cache for fetches from guest memory. The code that handles cache misses does not check if the address from which it fetched lies within the cache before blindly writing to it. As such it is possible for the guest to overwrite...

Xen Privilege Escalation (XSA-182) (Bunker Buster)

According to its self-reported version number, the remote Xen hypervisor is affected by a privilege escalation vulnerability in the paravirtualization PV pagetable implementation due to incorrect usage of fast-paths for making updates to pre-existing pagetable entries. An attacker with...

DLA-574-1 qemu-kvm - security update

Bulletin has no description...

Debian DLA-539-1 : qemu-kvm security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests. CVE-2016-3710 Wei Xiao and Qinghao Tang of 360.cn Inc discovered an out-of-bounds read and write flaw in the QEMU VGA module. A privileged guest user could use this...

[SECURITY] [DLA 539-1] qemu-kvm security update

Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u13 CVE ID : CVE-2016-3710 CVE-2016-3712 Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests. CVE-2016-3710 Wei Xiao and Qinghao Tang of 360.cn Inc discovered an...

Debian DSA-3469-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service via resource exhaustion, that could occur when receiving large packets....

Debian DSA-3471-1 : qemu - security update

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. - CVE-2015-7504 Qinghao...

Debian DSA-3470-1 : qemu-kvm - security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service via resource exhaustion, that could occur when receiving large...

Debian Security Advisory DSA 3470-1 (qemu-kvm - security update)

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service via resource exhaustion, that could occur when receiving large packet...

DSA-3469-1 qemu - security update

Bulletin has no description...

Debian Security Advisory DSA 3362-1 (qemu-kvm - security update)

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2015-5278 Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service QEMU process...

DSA-3362-1 qemu-kvm - security update

Bulletin has no description...

[SECURITY] [DSA 3349-1] qemu-kvm security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3349-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 02, 2015 https://www.debian.org/security/faq -...

Debian DSA-3285-1 : qemu-kvm - security update

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2015-3209 Matt Tait of Google's Project Zero security team discovered a flaw in the way QEMU's AMD PCnet Ethernet emulation handles multi-TMD packets with a length above 4096 bytes. A...

[SECURITY] [DSA 3088-1] qemu-kvm security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3088-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 04, 2014 http://www.debian.org/security/faq -...

DSA-3088-1 qemu-kvm - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3067-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...