CVE-2015-5745

Several security issues were fixed in QEMU ...

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware CVE-2015-5165 Donghai Zhu discovered that the QEMU model of the RTL8139 network card did not sufficiently validate inputs in the C+ mode offload emulation, allowing a malicious guest to read uninitialized memory from the QEMU proces ...

Several vulnerabilities were discovered in qemu, a fast processor emulator CVE-2015-3214 Matt Tait of Google's Project Zero security team discovered a flaw in the QEMU i8254 PIT emulation A privileged guest user in a guest with QEMU PIT emulation enabled could potentially use this flaw to execute arbitrary code on the host with t ...

Debian Bug report logs - #794611 qemu: CVE-2015-5166: Use after free in QEMU/Xen block unplug protocol Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 4 Aug 2015 20:27:02 UTC Severity: important ...

Debian Bug report logs - #793811 qemu: CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 27 Jul 2015 18:12:02 UTC Severity: g ...

Debian Bug report logs - #795461 qemu: CVE-2015-3214: i8254: out-of-bounds memory access in pit_ioport_read function Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 14 Aug 2015 08:12:10 UTC Severi ...

Debian Bug report logs - #793388 qemu: CVE-2015-5158: scsi stack buffer overflow Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 23 Jul 2015 15:06:03 UTC Severity: important Tags: patch, security, ...

Debian Bug report logs - #794610 qemu: CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 4 Aug 2015 20:24:02 UTC Severi ...

Debian Bug report logs - #795087 qemu: CVE-2015-5745: buffer overflow in virtio-serial Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Aug 2015 13:24:06 UTC Severity: normal Tags: fixed-upstrea ...

Debian Bug report logs - #796465 qemu: CVE-2015-5225: ui: vnc: heap memory corruption in vnc_refresh_server_surface Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 21 Aug 2015 22:12:02 UTC Severit ...