Several security issues were fixed in QEMU ...
Synopsis
Important: qemu-kvm-rhev security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat OpenStack Platform 100 (Newton), Red Hat OpenStack Platform 130 (Queens), and Red Hat OpenStack Platform 140 (Rocky)Red Hat Product Secu ...
Synopsis
Important: qemu-kvm-rhev security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 and Red Hat Virtualization Engine 43Red Hat Product Security has rated this ...
Multiple security issues were discovered in QEMU, a fast processor
emulator, which could result in denial of service, the execution of
arbitrary code or information disclosure
In addition this update backports support to passthrough the new
md-clear CPU flag added in the intel-microcode update shipped in DSA 4447
to x86-based guests
For the stabl ...
An integer overflow issue was found in the RTL8139 NIC emulation in QEMU It could occur while receiving packets over the network if the size value is greater than INT_MAX Such overflow would lead to stack buffer overflow issue A user inside guest could use this flaw to crash the QEMU process, resulting in DoS scenario ...
Debian Bug report logs -
#911470
qemu: CVE-2018-18438: Integer overflow in ccid_card_vscard_read() allows memory corruption
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Oct 2018 14:51:02 UTC
...
Debian Bug report logs -
#915884
qemu: CVE-2018-16867: dev-mtp: path traversal in usb_mtp_write_data of the Media Transfer Protocol (MTP)
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 7 Dec 2018 ...
Debian Bug report logs -
#902725
CVE-2018-12617
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Fri, 29 Jun 2018 21:09:06 UTC
Severity: important
Tags: security
Found in version qemu/1:212+dfsg-3
Fixed in ...
Debian Bug report logs -
#911499
qemu: CVE-2018-17958: rtl8139: integer overflow leads to buffer overflow
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Oct 2018 21:15:01 UTC
Severity: import ...
Debian Bug report logs -
#914604
qemu: CVE-2018-18954: ppc64: Out-of-bounds r/w stack access in pnv_lpc_do_eccb
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 25 Nov 2018 15:48:01 UTC
Severity: i ...
Debian Bug report logs -
#911468
qemu: CVE-2018-17962: pcnet: integer overflow leads to buffer overflow
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Oct 2018 14:45:03 UTC
Severity: grave
Tag ...
Debian Bug report logs -
#914727
qemu: CVE-2018-19489: 9pfs: crash due to race condition in renaming files
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 26 Nov 2018 18:21:01 UTC
Severity: import ...
Debian Bug report logs -
#929353
qemu: CVE-2019-12155: qxl: null pointer dereference while releasing speice resources
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 22 May 2019 08:03:02 UTC
Sever ...
Debian Bug report logs -
#901017
qemu: CVE-2018-11806: slirp: heap buffer overflow while reassembling fragmented datagrams
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 8 Jun 2018 03:42:01 UTC
...
Debian Bug report logs -
#910431
qemu: CVE-2018-10839: integer overflow leads to buffer overflow issue
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 6 Oct 2018 07:42:02 UTC
Severity: grave
Tags ...
Debian Bug report logs -
#907500
qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Tue, 28 Aug 2018 19:57:04 UTC
Severity: important ...
Debian Bug report logs -
#912535
qemu: CVE-2018-18849
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Thu, 1 Nov 2018 07:18:02 UTC
Severity: important
Tags: patch, security, upstream
Found in version ...
Debian Bug report logs -
#911469
qemu: CVE-2018-17963: net: ignore packets with large size
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 20 Oct 2018 14:45:07 UTC
Severity: grave
Tags: security, ...
Debian Bug report logs -
#914599
qemu: CVE-2018-19364: Use-after-free due to race condition while updating fid path
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sun, 25 Nov 2018 15:09:01 UTC
Severit ...
Description of Problem Two issues have been identified in Citrix Hypervisor that may, in certain configurations, allow privileged code in an HVM guest VM to execute code in the control domain, potentially compromising the host These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix Hypervisor 8 ...