This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Kvm Group First view 2012-01-27
Product Qemu-Kvm Last view 2012-06-21
Version 0.12 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:kvm_group:qemu-kvm

Activity : Overall

Related : CVE

  Date Alert Description
5.8 2012-06-21 CVE-2011-2512

The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison.

7.4 2012-01-27 CVE-2012-0029

Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
50% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
78506 Qemu hw/e1000.c process_tx_desc() Function DMA Request Legacy Packet Packet L...
74751 KVM qemu-kvm VirtIO Queue Notification Local Privilege Escalation

OpenVAS Exploits

id Description
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-10-22 Name : Gentoo Security Advisory GLSA 201210-04 (ebuild)
File : nvt/glsa_201210_04.nasl
2012-10-19 Name : Fedora Update for qemu FEDORA-2012-15606
File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-14 Name : Fedora Update for qemu FEDORA-2012-11305
File : nvt/gb_fedora_2012_11305_qemu_fc16.nasl
2012-08-06 Name : Fedora Update for xen FEDORA-2012-11190
File : nvt/gb_fedora_2012_11190_xen_fc16.nasl
2012-07-30 Name : CentOS Update for kmod-kvm CESA-2012:0051 centos5
File : nvt/gb_CESA-2012_0051_kmod-kvm_centos5.nasl
2012-07-30 Name : CentOS Update for qemu-img CESA-2012:0050 centos6
File : nvt/gb_CESA-2012_0050_qemu-img_centos6.nasl
2012-07-09 Name : RedHat Update for qemu-kvm RHSA-2012:0050-01
File : nvt/gb_RHSA-2012_0050-01_qemu-kvm.nasl
2012-06-28 Name : Fedora Update for xen FEDORA-2012-9399
File : nvt/gb_fedora_2012_9399_xen_fc16.nasl
2012-06-28 Name : Fedora Update for xen FEDORA-2012-9430
File : nvt/gb_fedora_2012_9430_xen_fc15.nasl
2012-06-08 Name : Fedora Update for qemu FEDORA-2012-8604
File : nvt/gb_fedora_2012_8604_qemu_fc15.nasl
2012-06-08 Name : Fedora Update for qemu FEDORA-2012-8592
File : nvt/gb_fedora_2012_8592_qemu_fc16.nasl
2012-06-06 Name : RedHat Update for qemu-kvm RHSA-2011:0919-01
File : nvt/gb_RHSA-2011_0919-01_qemu-kvm.nasl
2012-04-02 Name : Fedora Update for xen FEDORA-2012-1375
File : nvt/gb_fedora_2012_1375_xen_fc16.nasl
2012-03-09 Name : RedHat Update for xen RHSA-2012:0370-01
File : nvt/gb_RHSA-2012_0370-01_xen.nasl
2012-02-21 Name : Fedora Update for xen FEDORA-2012-1539
File : nvt/gb_fedora_2012_1539_xen_fc15.nasl
2012-02-12 Name : Debian Security Advisory DSA 2404-1 (xen-qemu-dm-4.0)
File : nvt/deb_2404_1.nasl
2012-02-11 Name : Debian Security Advisory DSA 2396-1 (qemu-kvm)
File : nvt/deb_2396_1.nasl
2012-01-25 Name : Ubuntu Update for qemu-kvm USN-1339-1
File : nvt/gb_ubuntu_USN_1339_1.nasl
2011-08-03 Name : Debian Security Advisory DSA 2270-1 (qemu-kvm)
File : nvt/deb_2270_1.nasl
2011-07-08 Name : Ubuntu Update for qemu-kvm USN-1165-1
File : nvt/gb_ubuntu_USN_1165_1.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-06-12 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2015-0068.nasl - Type: ACT_GATHER_INFO
2014-11-17 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-0168.nasl - Type: ACT_GATHER_INFO
2014-11-17 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-0109.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-243.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-404.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2012-84.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_3_kvm-110711.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_4_kvm-110711.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_4_kvm-120124.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_4_libvirt-120208.nasl - Type: ACT_GATHER_INFO
2014-06-13 Name: The remote openSUSE host is missing a security update.
File: suse_11_4_qemu-120207.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2011-0919.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2012-0050.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2012-0051.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2012-0370.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2011-0919.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-0050.nasl - Type: ACT_GATHER_INFO
2013-01-24 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2012-0051.nasl - Type: ACT_GATHER_INFO
2012-10-19 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201210-04.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20120123_kvm_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20120307_xen_on_SL5_x.nasl - Type: ACT_GATHER_INFO
2012-06-08 Name: The remote Fedora host is missing a security update.
File: fedora_2012-8604.nasl - Type: ACT_GATHER_INFO
2012-06-08 Name: The remote Fedora host is missing a security update.
File: fedora_2012-8592.nasl - Type: ACT_GATHER_INFO
2012-03-20 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_xen-201202-120209.nasl - Type: ACT_GATHER_INFO
2012-03-20 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_xen-201202-120210.nasl - Type: ACT_GATHER_INFO