Ubuntu Security Notice 5010-1 - Lei Sun discovered that QEMU incorrectly handled certain MMIO operations. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Wenxiang Qian discovered that QEMU incorrectly handled certain ATAPI commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 21.04. Various other issues were also addressed.
c4d63dc41ceb7caa0f49a3eacc4d8caaa17252efd4913df4a83ba610c5446f40Red Hat Security Advisory 2021-2529-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include an out of bounds access vulnerability.
68411224fc96c46418b6dd4fa4f52a19593dff2b03d10fea3af1d7140887ba88Red Hat Security Advisory 2021-2322-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an out of bounds access vulnerability.
56ef62d9df3f678e439bc6cbaa96769add8676e16af6d9ac25a88eb9f0ba2bd2Red Hat Security Advisory 2021-1762-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, double free, information leakage, and out of bounds access vulnerabilities.
6398e6563eabaa35531faafc6108f399db955a873f719b083ebf7cc40a66c41fUbuntu Security Notice 4725-1 - It was discovered that QEMU incorrectly handled memory in iSCSI emulation. An attacker inside the guest could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Alexander Bulekov discovered that QEMU incorrectly handled Intel e1000e emulation. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.
0cb00f8c69ce1eb4a48a5ddf3c7250eef70edcf933345ec3243885c6ada0dc3f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed