Red Hat Security Advisory 2019-2892-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include buffer overflow and null pointer vulnerabilities.
0fcbebe953b6c4aada1fd3c4b1308f4ee58c35bc19df6c3803aefe01b2e4c60a
Slackware Security Advisory - New zsh packages are available for Slackware 14.0, 14.1, and 14.2 to fix security issues.
75714a129e42d4b4915bf3a86c269a8547eaafbdae3c85324b24890e055279b1
Ubuntu Security Notice 3826-1 - Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that QEMU incorrectly handled the Slirp networking back-end. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Various other issues were also addressed.
4e4c876bb878a34b2dd16b55e3b1d2a08ed115428511e04586ecb54058caa47b
Debian Linux Security Advisory 4338-1 - Integer overflows in the processing of packets in network cards emulated by QEMU, a fast processor emulator, could result in denial of service.
3ee919b5ecb75492da066ae2c408500b9f95c2ae0828d39c6915d853e0f6a2af
Red Hat Security Advisory 2018-3073-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. Issues addressed include buffer overflow and code execution vulnerabilities.
be3d8852b1af029a739b1086e6b911f73b5c55e8833f586363f67a4443883f35
Red Hat Security Advisory 2018-1932-01 - The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell, but includes many enhancements. Zsh supports command-line editing, built-in spelling correction, programmable command completion, shell functions, a history mechanism, and more. Issues addressed include buffer overflow and code execution vulnerabilities.
6e92fa4a1f8faa6cbbfe11a277ce8dde91c2e66563b8ac7239e71ab8260f24ad
Gentoo Linux Security Advisory 201805-10 - Multiple vulnerabilities have been found in Zsh, the worst of which could allow local attackers to execute arbitrary code. Versions less than 5.5 are affected.
bcc13399a5aa0244fbf2117c08f42b8c6a1cf2d324abe383a04b370e63109d6b
ModbusPal version 1.6b suffers from an XML external entity injection vulnerability.
53bb5160dea2fc4c4d5c9c108d6af89ad0622323762be453253962cff0dc4dff
Ubuntu Security Notice 3608-1 - Richard Maciel Costa discovered that Zsh incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. It was discovered that Zsh incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code.
4a99fa767bd53ffe79f1111930bcaa884a7ab3ea59090e770b75211d35a9356a