Download
| Alert*
oval:org.secpod.oval:def:25177
The host is installed with qemu-kvm on Red Hat Enterprise Linux 7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to limit resources used to process the header and payload of an incoming frame. Successful exploitation could allow attackers to cras ... oval:org.secpod.oval:def:203754 KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the QEMU"s websocket frame decoder processed incoming frames without limiting resources used to process the ... oval:org.secpod.oval:def:108863 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:109208 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:52480 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:501670 KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the QEMU"s websocket frame decoder processed incoming frames without limiting resources used to process the ... oval:org.secpod.oval:def:25795 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1501202 KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. It was found that the QEMU"s websocket frame decoder processed incoming frames without limiting resources used to process the ... oval:org.secpod.oval:def:702557 qemu: Machine emulator and virtualizer - qemu-kvm: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:602088 Several vulnerabilities were discovered in the qemu virtualisation solution: CVE-2014-9718 It was discovered that the IDE controller emulation is susceptible to denial of service. CVE-2015-1779 Daniel P. Berrange discovered a denial of service vulnerability in the VNC web socket decoder. CVE-2015-27 ... oval:org.secpod.oval:def:108696 QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: * Full system emulation. In this mode, QEMU emulates a full system , including a processor and various peripherials. It can be used to launch differe ... oval:org.secpod.oval:def:89044183 This update for kvm fixes the following issues: - Fix OOB read and write due to integer overflow in sm501_2d_operation in hw/display/sm501.c - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation - Fix use-after-free in usb xhci packet handling - Fix use-after-free in usb ehci packet hand ... oval:org.secpod.oval:def:400709 xen was updated to fix 44 security issues. These security issues were fixed: - CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm ima ... oval:org.secpod.oval:def:89045377 xen was updated to fix 47 security issues. These security issues were fixed: - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers . - CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c allowed r ... oval:org.secpod.oval:def:400737 xen was updated to fix 46 security issues. These security issues were fixed: - CVE-2013-4527: Buffer overflow in hw/timer/hpet.c might have allowed remote attackers to execute arbitrary code via vectors related to the number of timers . - CVE-2013-4529: Buffer overflow in hw/pci/pcie_aer.c allowed r ... |