what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

CVE-2020-1711

Status Candidate

Overview

An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.

Related Files

Microsoft Windows WindowsCodecsRaw!CCanonRawImageRep::GetNamedWhiteBalances Out-Of-Bounds Read
Posted Nov 13, 2020
Authored by Ivan Fratric, Google Security Research

There is an out-of bounds read vulnerability in WindowsCodecsRaw.dll while processing a malformed Canon raw image. This can potentially lead to disclosing the memory of the affected process. All applications that use Windows Image Codecs for image parsing are potentially affected. The vulnerability has been confirmed on Windows 10 v2004 with the most recent patches applied.

tags | advisory
systems | windows
advisories | CVE-2020-17113
SHA-256 | 449ae24e2e05dd0778a7ef251c34dfe7a3baf77ef865a69c498ccb7a059d82e3
Red Hat Security Advisory 2020-2472-01
Posted Jun 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2472-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. An out-of-bounds heap access issue was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 24cbe04364c257f21634732291cd311b68c195aeb26b828bf8897958e566c3e5
Gentoo Linux Security Advisory 202005-02
Posted May 13, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202005-2 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.0-r5 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11102, CVE-2020-1711, CVE-2020-7039
SHA-256 | 15921c9ae8a59d8123ac70b4cd07c28a8b06da9679370458f19f5ef2b3c89b31
Red Hat Security Advisory 2020-1505-01
Posted Apr 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1505-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds heap access vulnerability was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | b25f5dec4c402858188a5115666811bd7848482f310d03c5908fe666932cf1d6
Red Hat Security Advisory 2020-1358-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1358-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
SHA-256 | c9a77bbf4ba5eff67132a363b838be50e5f09b3583428979136412710a2be6be
Red Hat Security Advisory 2020-1352-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1352-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039, CVE-2020-8608
SHA-256 | abab3af6ab91cddd444c056748413aea3ec3b5bb4f82fbfbdf5428e6961aab58
Red Hat Security Advisory 2020-1300-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1300-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039, CVE-2020-8608
SHA-256 | 3b3c803f11b4c41a45febe8388c0473da3dde22357cdfbf6ed410e72a987fcf3
Red Hat Security Advisory 2020-1296-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1296-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
SHA-256 | 582a06d1a570f22689b6e0e0554844dd019ec443602dd9afc0ae81f7061759a3
Red Hat Security Advisory 2020-1150-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1150-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
SHA-256 | b554ce9fed197ecbdf014ae8b6636aa7fdace8c1a71e34ba14da187d8bef9510
Red Hat Security Advisory 2020-1216-01
Posted Mar 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1216-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-12155, CVE-2019-14378, CVE-2020-1711
SHA-256 | 7021d08a29d53c69539017e8132d9093b0402844dddc4c702e79590375c6ce75
Red Hat Security Advisory 2020-0773-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0773-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 60eb6a15e04cea05f1d24e5195704c6dd78857c339f8cc80b121340284ea2753
Red Hat Security Advisory 2020-0731-01
Posted Mar 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0731-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 4bedc352e59f6c7c3d9af431d3c2f64ecbf7fe1ece1c9a201f306f2199000fd3
Red Hat Security Advisory 2020-0730-01
Posted Mar 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0730-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11135, CVE-2020-1711
SHA-256 | 97719d3620325b820aca7c519b2a3ad307d48d09cd3e03f29b0daccf93f84efe
Red Hat Security Advisory 2020-0669-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0669-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds heap access vulnerability has been addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 3a667ec0799bac2febeb85814d40c6f07c5a57a238ccbde21565372f10eefeba
Ubuntu Security Notice USN-4283-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4283-1 - Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that QEMU incorrectly handled iSCSI server responses. A remote attacker in control of the iSCSI server could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. It was discovered that the QEMU libslirp component incorrectly handled memory. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-1711
SHA-256 | 67a70bed9e03b20a8ad75770a4d3bc7d50b6aa1db9c132a09f67280b8a8bf16a
Debian Security Advisory 4616-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4616-1 - Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-15890, CVE-2020-1711, CVE-2020-7039
SHA-256 | c86925d33e285cee87de038a4e6d41f8b66dba7c5d35bbf49853a20cf80e0b49
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close