There is an out-of bounds read vulnerability in WindowsCodecsRaw.dll while processing a malformed Canon raw image. This can potentially lead to disclosing the memory of the affected process. All applications that use Windows Image Codecs for image parsing are potentially affected. The vulnerability has been confirmed on Windows 10 v2004 with the most recent patches applied.
449ae24e2e05dd0778a7ef251c34dfe7a3baf77ef865a69c498ccb7a059d82e3Red Hat Security Advisory 2020-2472-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. An out-of-bounds heap access issue was addressed.
24cbe04364c257f21634732291cd311b68c195aeb26b828bf8897958e566c3e5Gentoo Linux Security Advisory 202005-2 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.0-r5 are affected.
15921c9ae8a59d8123ac70b4cd07c28a8b06da9679370458f19f5ef2b3c89b31Red Hat Security Advisory 2020-1505-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds heap access vulnerability was addressed.
b25f5dec4c402858188a5115666811bd7848482f310d03c5908fe666932cf1d6Red Hat Security Advisory 2020-1358-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds access vulnerability.
c9a77bbf4ba5eff67132a363b838be50e5f09b3583428979136412710a2be6beRed Hat Security Advisory 2020-1352-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.
abab3af6ab91cddd444c056748413aea3ec3b5bb4f82fbfbdf5428e6961aab58Red Hat Security Advisory 2020-1300-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.
3b3c803f11b4c41a45febe8388c0473da3dde22357cdfbf6ed410e72a987fcf3Red Hat Security Advisory 2020-1296-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.
582a06d1a570f22689b6e0e0554844dd019ec443602dd9afc0ae81f7061759a3Red Hat Security Advisory 2020-1150-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.
b554ce9fed197ecbdf014ae8b6636aa7fdace8c1a71e34ba14da187d8bef9510Red Hat Security Advisory 2020-1216-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and null pointer vulnerabilities.
7021d08a29d53c69539017e8132d9093b0402844dddc4c702e79590375c6ce75Red Hat Security Advisory 2020-0773-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.
60eb6a15e04cea05f1d24e5195704c6dd78857c339f8cc80b121340284ea2753Red Hat Security Advisory 2020-0731-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.
4bedc352e59f6c7c3d9af431d3c2f64ecbf7fe1ece1c9a201f306f2199000fd3Red Hat Security Advisory 2020-0730-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.
97719d3620325b820aca7c519b2a3ad307d48d09cd3e03f29b0daccf93f84efeRed Hat Security Advisory 2020-0669-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds heap access vulnerability has been addressed.
3a667ec0799bac2febeb85814d40c6f07c5a57a238ccbde21565372f10eefebaUbuntu Security Notice 4283-1 - Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that QEMU incorrectly handled iSCSI server responses. A remote attacker in control of the iSCSI server could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. It was discovered that the QEMU libslirp component incorrectly handled memory. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
67a70bed9e03b20a8ad75770a4d3bc7d50b6aa1db9c132a09f67280b8a8bf16aDebian Linux Security Advisory 4616-1 - Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service.
c86925d33e285cee87de038a4e6d41f8b66dba7c5d35bbf49853a20cf80e0b49
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed