Download
| Alert*
oval:org.secpod.oval:def:505786
Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: loader: OOB access while loading registered ROM may lead to code execution ... oval:org.secpod.oval:def:1601422 An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the rom_copy routine while loading the contents of a 32-bit -kernel image into memory. Running an untrusted -kernel image may load contents at arbitrary memory locations, potentially lead ... oval:org.secpod.oval:def:1700568 An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the rom_copy routine while loading the contents of a 32-bit -kernel image into memory. Running an untrusted -kernel image may load contents at arbitrary memory locations, potentially lead ... oval:org.secpod.oval:def:205835 Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fix: * QEMU: loader: OOB access while loading registered ROM may lead to code execution ... oval:org.secpod.oval:def:1504616 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2004025 rom_copy in hw/core/loader.c in QEMU 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation. oval:org.secpod.oval:def:89044339 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044350 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044348 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb iehci packet handling - Fix infinite loop in usb hcd-ohci emula ... oval:org.secpod.oval:def:89044349 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044202 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044340 This update for qemu fixes the following issues: - Fix OOB access in sm501 device emulation - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet handling - Fix OOB access in usb hcd-ohci emulation ... oval:org.secpod.oval:def:89044183 This update for kvm fixes the following issues: - Fix OOB read and write due to integer overflow in sm501_2d_operation in hw/display/sm501.c - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet hand ... oval:org.secpod.oval:def:67028 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:65297 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:67018 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:705588 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:604927 Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service. |