Ubuntu Security Notice 5772-1 - It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that QEMU did not properly manage memory when it transfers the USB packets. A malicious guest attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
768024681dfd9068a64b260049ff17b38a9319596abe4a29fe8b4d7a96a0987aUbuntu Security Notice 5307-1 - Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. It was discovered that the QEMU vhost-user GPU device contained several security issues. An attacker inside the guest could use these issues to cause QEMU to crash, resulting in a denial of service, leak sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 21.10.
93c74c6aff190d655abe77b615cbb1fdb9e7fd27501547e3980eeee5e03af9e9Debian Linux Security Advisory 4980-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service or the the execution of arbitrary code.
ddc750d896a05a7739ac3c32ccc088274d91a7af3ee492e2f13ec7ec5e11244bRed Hat Security Advisory 2021-3704-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, and out of bounds read vulnerabilities.
5864f73fcab2cbaccf361eb3ef0f59a34a59c5e826c50cff47e2ad6e9a3e23bfRed Hat Security Advisory 2021-3703-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, and out of bounds read vulnerabilities.
068ff65f70859525d3b455fd8772ae5c3f403368b8f4d1aad2358e1d98469674
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed