Gentoo Linux Security Advisory 201412-1 - Multiple vulnerabilities have been found in QEMU, the worst of which allows context dependent attackers to cause Denial of Service. Versions less than 2.1.2-r1 are affected.
db1a5bd8e4e947de1f052c0efff6a9541782125b666407bd6f444a122ac0d75eRed Hat Security Advisory 2014-1941-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM, in environments managed by Red Hat Enterprise Linux OpenStack Platform. An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest. This issue was discovered by Laszlo Ersek of Red Hat.
4166a063e862f52056ad9e930f6dff60af42d309f41742398b54086f642abc07Ubuntu Security Notice 2409-1 - Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when using guest networking. A malicious guest could possibly use this issue to cause a denial of service. Various other issues were also addressed.
0560bed7a0207b09b9eee574c086a9c96540723b7c21d6b2f08c965ea0f7d038Red Hat Security Advisory 2014-1670-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest. This issue was discovered by Laszlo Ersek of Red Hat.
bbc96909469d3ba784e67ae678b88fc4ca6bc28433973aece36f29d26361811dRed Hat Security Advisory 2014-1669-02 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's VGA emulator accessed frame buffer memory for high resolution displays. A privileged guest user could use this flaw to leak memory contents of the host to the guest by setting the display to use a high resolution in the guest. This issue was discovered by Laszlo Ersek of Red Hat.
c1bd171b560b317db9a1ae26865140cf1989ab72f78bea76ac4971e6cb598ea2Debian Linux Security Advisory 3045-1 - Several vulnerabilities were discovered in qemu, a fast processor emulator.
70386335468c79a9bd2bd25b77c7a646092311f40b2f6b2d2f8c4b641e26f40fDebian Linux Security Advisory 3044-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.
e8599a5674fc1ceb3a5eeb1f77badb3c647eb985a9f21338ab517290856e4b31
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed