what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

CVE-2020-1711

Status Candidate

Overview

An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.

Related Files

Microsoft Windows WindowsCodecsRaw!CCanonRawImageRep::GetNamedWhiteBalances Out-Of-Bounds Read
Posted Nov 13, 2020
Authored by Ivan Fratric, Google Security Research

There is an out-of bounds read vulnerability in WindowsCodecsRaw.dll while processing a malformed Canon raw image. This can potentially lead to disclosing the memory of the affected process. All applications that use Windows Image Codecs for image parsing are potentially affected. The vulnerability has been confirmed on Windows 10 v2004 with the most recent patches applied.

tags | advisory
systems | windows
advisories | CVE-2020-17113
SHA-256 | 449ae24e2e05dd0778a7ef251c34dfe7a3baf77ef865a69c498ccb7a059d82e3
Red Hat Security Advisory 2020-2472-01
Posted Jun 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2472-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. An out-of-bounds heap access issue was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 24cbe04364c257f21634732291cd311b68c195aeb26b828bf8897958e566c3e5
Gentoo Linux Security Advisory 202005-02
Posted May 13, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202005-2 - Multiple vulnerabilities have been found in QEMU, the worst of which could result in the arbitrary execution of code. Versions less than 4.2.0-r5 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2020-11102, CVE-2020-1711, CVE-2020-7039
SHA-256 | 15921c9ae8a59d8123ac70b4cd07c28a8b06da9679370458f19f5ef2b3c89b31
Red Hat Security Advisory 2020-1505-01
Posted Apr 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1505-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds heap access vulnerability was addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | b25f5dec4c402858188a5115666811bd7848482f310d03c5908fe666932cf1d6
Red Hat Security Advisory 2020-1358-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1358-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
SHA-256 | c9a77bbf4ba5eff67132a363b838be50e5f09b3583428979136412710a2be6be
Red Hat Security Advisory 2020-1352-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1352-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039, CVE-2020-8608
SHA-256 | abab3af6ab91cddd444c056748413aea3ec3b5bb4f82fbfbdf5428e6961aab58
Red Hat Security Advisory 2020-1300-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1300-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039, CVE-2020-8608
SHA-256 | 3b3c803f11b4c41a45febe8388c0473da3dde22357cdfbf6ed410e72a987fcf3
Red Hat Security Advisory 2020-1296-01
Posted Apr 2, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1296-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
SHA-256 | 582a06d1a570f22689b6e0e0554844dd019ec443602dd9afc0ae81f7061759a3
Red Hat Security Advisory 2020-1150-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1150-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. Issues addressed include an out of bounds access vulnerability.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711, CVE-2020-7039
SHA-256 | b554ce9fed197ecbdf014ae8b6636aa7fdace8c1a71e34ba14da187d8bef9510
Red Hat Security Advisory 2020-1216-01
Posted Mar 31, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1216-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow and null pointer vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2019-12155, CVE-2019-14378, CVE-2020-1711
SHA-256 | 7021d08a29d53c69539017e8132d9093b0402844dddc4c702e79590375c6ce75
Red Hat Security Advisory 2020-0773-01
Posted Mar 10, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0773-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 60eb6a15e04cea05f1d24e5195704c6dd78857c339f8cc80b121340284ea2753
Red Hat Security Advisory 2020-0731-01
Posted Mar 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0731-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 4bedc352e59f6c7c3d9af431d3c2f64ecbf7fe1ece1c9a201f306f2199000fd3
Red Hat Security Advisory 2020-0730-01
Posted Mar 5, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0730-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. An out-of-bounds heap access issue was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11135, CVE-2020-1711
SHA-256 | 97719d3620325b820aca7c519b2a3ad307d48d09cd3e03f29b0daccf93f84efe
Red Hat Security Advisory 2020-0669-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0669-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds heap access vulnerability has been addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2020-1711
SHA-256 | 3a667ec0799bac2febeb85814d40c6f07c5a57a238ccbde21565372f10eefeba
Ubuntu Security Notice USN-4283-1
Posted Feb 19, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4283-1 - Felipe Franciosi, Raphael Norwitz, and Peter Turschmid discovered that QEMU incorrectly handled iSCSI server responses. A remote attacker in control of the iSCSI server could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. It was discovered that the QEMU libslirp component incorrectly handled memory. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-1711
SHA-256 | 67a70bed9e03b20a8ad75770a4d3bc7d50b6aa1db9c132a09f67280b8a8bf16a
Debian Security Advisory 4616-1
Posted Feb 3, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4616-1 - Two security issues have been found in the SLiRP networking implementation of QEMU, a fast processor emulator, which could result in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2019-15890, CVE-2020-1711, CVE-2020-7039
SHA-256 | c86925d33e285cee87de038a4e6d41f8b66dba7c5d35bbf49853a20cf80e0b49
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close