Red Hat Security Advisory 2020-4676-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include denial of service and use-after-free vulnerabilities.
93e8b9c4d4f4570afe83e1f43d1e9e259507e1b4cf78ec970d599aef7c373a59Red Hat Security Advisory 2020-0889-01 - The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless containers. Issues addressed include buffer overflow and use-after-free vulnerabilities.
cb90c6cd9a262933377b552a4fe0e120111a99614cf0f6c9da1cefaa8d581cbdRed Hat Security Advisory 2020-0775-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include buffer overflow and use-after-free vulnerabilities.
1bec67f6c9e4cee34c9dd01f43184ed7cec9d7278ef1ba6c863492ae119690b9Debian Linux Security Advisory 4616-1 - Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service.
c86925d33e285cee87de038a4e6d41f8b66dba7c5d35bbf49853a20cf80e0b49Ubuntu Security Notice 4191-1 - It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. Sergej Schumilo, Cornelius Aschermann and Simon Woerner discovered that the qxl paravirtual graphics driver implementation in QEMU contained a null pointer dereference. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.
aee81e66d46141ffe8a014607d051bd70b2b1232ee96bcb442a1838008da393bUbuntu Security Notice 4191-2 - USN-4191-2 fixed a vulnerability in QEMU. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
ae017f5886a9bd72e047c3db07423197155e2dbe1d4b843e052ead1516d83a3a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed