Showing 1 - 4 of 4

CVE-2018-17958

Status Candidate

Overview

Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.

Red Hat Security Advisory 2019-2553-01: Posted Aug 22, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2553-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include CPU related, buffer overflow, and information leakage vulnerabilities.; tags | advisory, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-17958, CVE-2018-17963, CVE-2018-20815, CVE-2019-11091, CVE-2019-6501, CVE-2019-9824; SHA-256 | 7acc2576aa8fb450953d3b4fc4a43fe8b7b8a50f4b5d7ca1b06988e063eb8ef2; Download | Favorite | View

Red Hat Security Advisory 2019-2425-01: Posted Aug 9, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-2425-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and information leakage vulnerabilities.; tags | advisory, overflow, vulnerability; systems | linux, redhat; advisories | CVE-2018-15746, CVE-2018-17958, CVE-2018-17963, CVE-2019-6501, CVE-2019-6778, CVE-2019-9824; SHA-256 | d8a0c17f6966983bd5d0c20390af20e3c934d76a58063bbc17816213c2604520; Download | Favorite | View

Debian Security Advisory 4454-1: Posted May 31, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4454-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure.; tags | advisory, denial of service, arbitrary, info disclosure; systems | linux, debian; advisories | CVE-2018-11806, CVE-2018-12617, CVE-2018-16872, CVE-2018-17958, CVE-2018-18849, CVE-2018-18954, CVE-2018-19364, CVE-2018-19489, CVE-2019-12155, CVE-2019-3812, CVE-2019-6778, CVE-2019-9824; SHA-256 | cba000ba6722bbd7ea6515d914172a949427ee73bb4a672c4b7065b7f6df2144; Download | Favorite | View

Ubuntu Security Notice USN-3826-1: Posted Nov 26, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3826-1 - Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled NE2000 device emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that QEMU incorrectly handled the Slirp networking back-end. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Various other issues were also addressed.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2018-10839, CVE-2018-11806, CVE-2018-12617, CVE-2018-16847, CVE-2018-17958, CVE-2018-17962, CVE-2018-17963, CVE-2018-18849, CVE-2018-18954, CVE-2018-19364; SHA-256 | 4e4c876bb878a34b2dd16b55e3b1d2a08ed115428511e04586ecb54058caa47b; Download | Favorite | View

Page 1 of 1 Back 1 Next