Several security issues were fixed in QEMU ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
Updated qemu-kvm-rhev packages that fix two security issues are nowavailable for Red Hat Enterprise VirtualizationRed Hat Product Security has rated this update as having Important securityimpact Common Vuln ...
Synopsis
Important: qemu-kvm-rhev security update
Type/Severity
Security Advisory: Important
Topic
Updated qemu-kvm-rhev packages that fix two security issues are nowavailable for Red Hat Enterprise Linux OpenStack Platform 50 for Red HatEnterprise Linux 6Red Hat Product Security has rated this update as ...
Synopsis
Important: qemu-kvm security update
Type/Severity
Security Advisory: Important
Topic
Updated qemu-kvm packages that fix two security issues are now availablefor Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having Important securityimpact Common Vulnerability Scoring ...
Several vulnerabilities were discovered in qemu, a full virtualization
solution on x86 hardware
CVE-2015-7295
Jason Wang of Red Hat Inc discovered that the Virtual Network
Device support is vulnerable to denial-of-service, that could
occur when receiving large packets
CVE-2015-7504
Qinghao Tang of Qihoo 360 Inc and Ling Liu of ...
Several vulnerabilities were discovered in qemu-kvm, a full
virtualization solution on x86 hardware
CVE-2015-7295
Jason Wang of Red Hat Inc discovered that the Virtual Network
Device support is vulnerable to denial-of-service (via resource
exhaustion), that could occur when receiving large packets
CVE-2015-7504
Qinghao Tang of Q ...
A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process Note that to exploit this flaw, the guest network interf ...
Debian Bug report logs -
#812307
CVE-2016-1981: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 22 Jan 2016 06:00:02 UTC
Sever ...
Debian Bug report logs -
#808144
CVE-2015-8558: usb: infinite loop in ehci_advance_state results in DoS
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Wed, 16 Dec 2015 13:09:02 UTC
Severity: important
Tags: f ...
Debian Bug report logs -
#809237
CVE-2015-8619: hmp: stack based OOB write in hmp_sendkey routine
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Mon, 28 Dec 2015 15:30:02 UTC
Severity: important
Tags: patch, ...
Debian Bug report logs -
#808131
CVE-2015-7549: msi-x null-pointer dereference issue in qemu-system
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Wed, 16 Dec 2015 11:03:06 UTC
Severity: important
Tags: fixed ...
Debian Bug report logs -
#810519
qemu: CVE-2015-8743: net: ne2000: OOB r/w in ioport operations
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 9 Jan 2016 13:30:01 UTC
Severity: important
Tags: s ...
Debian Bug report logs -
#809232
CVE-2015-8613: scsi: stack based buffer overflow in megasas_ctrl_get_info
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Mon, 28 Dec 2015 15:12:01 UTC
Severity: important
Tags ...
Debian Bug report logs -
#808130
CVE-2015-8504: vnc floating point exception
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Wed, 16 Dec 2015 11:03:02 UTC
Severity: serious
Tags: fixed-upstream, patch, securit ...
Debian Bug report logs -
#806741
qemu: CVE-2015-7512: net: pcnet: buffer overflow in non-loopback mode
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 30 Nov 2015 18:03:02 UTC
Severity: important
...
Debian Bug report logs -
#811201
qemu: CVE-2016-1922: i386: null pointer dereference in vapic_write()
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 16 Jan 2016 18:54:02 UTC
Severity: important
T ...
Debian Bug report logs -
#806742
qemu: CVE-2015-7504: net: pcnet: heap overflow vulnerability in pcnet_receive
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 30 Nov 2015 18:06:01 UTC
Severity: im ...
Debian Bug report logs -
#806373
qemu: CVE-2015-8345: net: eepro100: infinite loop in processing command block list
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Moritz Muehlenhoff <jmm@debianorg>
Date: Thu, 26 Nov 2015 18:18:02 UTC
Severity: im ...
Debian Bug report logs -
#809229
CVE-2015-8550: xen: unsafe access to shared memory
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Mon, 28 Dec 2015 14:48:02 UTC
Severity: important
Tags: fixed-upstream, patch ...
Debian Bug report logs -
#808145
CVE-2015-8567 CVE-2015-8568: qemu-system: net: vmxnet3: host memory leakage
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Michael Tokarev <mjt@tlsmskru>
Date: Wed, 16 Dec 2015 13:18:02 UTC
Severity: important
Ta ...
Debian Bug report logs -
#810527
qemu: CVE-2016-1568: ide: ahci use-after-free vulnerability in aio port commands
Package:
src:qemu;
Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Sat, 9 Jan 2016 14:51:01 UTC
Severity: ...