Gentoo Linux Security Advisory 201604-3 - Multiple vulnerabilities have been found in Xen, the worst of which cause a Denial of Service. Versions less than 4.6.0-r9 are affected.
a7e9bd9d6342dd146c7a64ee40be706e83549d090ba7149e7ac964a6280a8109Gentoo Linux Security Advisory 201510-2 - A heap-based buffer overflow in QEMU could result in execution of arbitrary code. Versions less than 2.3.0-r4 are affected.
947d9bf965c7d67dffe41ba0520fc50e4a6c74e1a0831f6018772274dde8386fRed Hat Security Advisory 2015-1189-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. A privileged guest user in a guest with an AMD PCNet ethernet card enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process.
39d964d6cb4b4dda9a64b2021f7fbd2ea4a581275c0694de8d847d2d82bfa972Debian Linux Security Advisory 3286-1 - Multiple security issues have been found in the Xen virtualisation solution.
df4617fff922fb14aa9bb8c070aeda54fe27f17dd3749d173e00aec0f1557304Debian Linux Security Advisory 3285-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.
e33433c17499dd79c1bb1dae8bdae24e5514dc76b4688c07b38375f0c1b0cb3dUbuntu Security Notice 2630-1 - Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. Kurt Seifried discovered that QEMU incorrectly handled certain temporary files. A local attacker could use this issue to cause a denial of service. Various other issues were also addressed.
0cf8d12b43821d761977856e4b4c7a6239ab8e88288255906bfafed04c494023Red Hat Security Advisory 2015-1087-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. A privileged guest user in a guest with an AMD PCNet ethernet card enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process.
0fe1945be6bf962325bee5e730727f5f8ea145f6c15adc6c7d73a550c9144439Red Hat Security Advisory 2015-1089-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. A privileged guest user in a guest with an AMD PCNet ethernet card enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process.
b4c26c5ed1a0b3e115749608ddee7e1368cd77c7cb48bf24870a5399e75da672Red Hat Security Advisory 2015-1088-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. A privileged guest user in a guest with an AMD PCNet ethernet card enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process.
e096b5cda74de0e4008ee21cfe87fe2c036e2a6ffb12d3f0be5fd982807358d1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed