Summary
Detail | |||
---|---|---|---|
Vendor | Kvm Group | First view | 2012-01-27 |
Product | Qemu-Kvm | Last view | 2012-06-21 |
Version | 0.12 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:kvm_group:qemu-kvm |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
5.8 | 2012-06-21 | CVE-2011-2512 | The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not properly validate the virtqueue number, which allows guest users to cause a denial of service (guest crash) and possibly execute arbitrary code via a negative number in the Queue Notify field of the Virtio Header, which bypasses a signed comparison. |
7.4 | 2012-01-27 | CVE-2012-0029 | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
50% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78506 | Qemu hw/e1000.c process_tx_desc() Function DMA Request Legacy Packet Packet L... |
74751 | KVM qemu-kvm VirtIO Queue Notification Local Privilege Escalation |
OpenVAS Exploits
id | Description |
---|---|
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
2012-10-22 | Name : Gentoo Security Advisory GLSA 201210-04 (ebuild) File : nvt/glsa_201210_04.nasl |
2012-10-19 | Name : Fedora Update for qemu FEDORA-2012-15606 File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
2012-08-24 | Name : Fedora Update for xen FEDORA-2012-11785 File : nvt/gb_fedora_2012_11785_xen_fc16.nasl |
2012-08-14 | Name : Fedora Update for qemu FEDORA-2012-11305 File : nvt/gb_fedora_2012_11305_qemu_fc16.nasl |
2012-08-06 | Name : Fedora Update for xen FEDORA-2012-11190 File : nvt/gb_fedora_2012_11190_xen_fc16.nasl |
2012-07-30 | Name : CentOS Update for kmod-kvm CESA-2012:0051 centos5 File : nvt/gb_CESA-2012_0051_kmod-kvm_centos5.nasl |
2012-07-30 | Name : CentOS Update for qemu-img CESA-2012:0050 centos6 File : nvt/gb_CESA-2012_0050_qemu-img_centos6.nasl |
2012-07-09 | Name : RedHat Update for qemu-kvm RHSA-2012:0050-01 File : nvt/gb_RHSA-2012_0050-01_qemu-kvm.nasl |
2012-06-28 | Name : Fedora Update for xen FEDORA-2012-9399 File : nvt/gb_fedora_2012_9399_xen_fc16.nasl |
2012-06-28 | Name : Fedora Update for xen FEDORA-2012-9430 File : nvt/gb_fedora_2012_9430_xen_fc15.nasl |
2012-06-08 | Name : Fedora Update for qemu FEDORA-2012-8604 File : nvt/gb_fedora_2012_8604_qemu_fc15.nasl |
2012-06-08 | Name : Fedora Update for qemu FEDORA-2012-8592 File : nvt/gb_fedora_2012_8592_qemu_fc16.nasl |
2012-06-06 | Name : RedHat Update for qemu-kvm RHSA-2011:0919-01 File : nvt/gb_RHSA-2011_0919-01_qemu-kvm.nasl |
2012-04-02 | Name : Fedora Update for xen FEDORA-2012-1375 File : nvt/gb_fedora_2012_1375_xen_fc16.nasl |
2012-03-09 | Name : RedHat Update for xen RHSA-2012:0370-01 File : nvt/gb_RHSA-2012_0370-01_xen.nasl |
2012-02-21 | Name : Fedora Update for xen FEDORA-2012-1539 File : nvt/gb_fedora_2012_1539_xen_fc15.nasl |
2012-02-12 | Name : Debian Security Advisory DSA 2404-1 (xen-qemu-dm-4.0) File : nvt/deb_2404_1.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2396-1 (qemu-kvm) File : nvt/deb_2396_1.nasl |
2012-01-25 | Name : Ubuntu Update for qemu-kvm USN-1339-1 File : nvt/gb_ubuntu_USN_1339_1.nasl |
2011-08-03 | Name : Debian Security Advisory DSA 2270-1 (qemu-kvm) File : nvt/deb_2270_1.nasl |
2011-07-08 | Name : Ubuntu Update for qemu-kvm USN-1165-1 File : nvt/gb_ubuntu_USN_1165_1.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2015-06-12 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2015-0068.nasl - Type: ACT_GATHER_INFO |
2014-11-17 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2012-0168.nasl - Type: ACT_GATHER_INFO |
2014-11-17 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2012-0109.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-243.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-404.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: openSUSE-2012-84.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_kvm-110711.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_4_kvm-110711.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_4_kvm-120124.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_4_libvirt-120208.nasl - Type: ACT_GATHER_INFO |
2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_4_qemu-120207.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2011-0919.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2012-0050.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2012-0051.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2012-0370.nasl - Type: ACT_GATHER_INFO |
2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2011-0919.nasl - Type: ACT_GATHER_INFO |
2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2012-0050.nasl - Type: ACT_GATHER_INFO |
2013-01-24 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2012-0051.nasl - Type: ACT_GATHER_INFO |
2012-10-19 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201210-04.nasl - Type: ACT_GATHER_INFO |
2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20120123_kvm_on_SL5_x.nasl - Type: ACT_GATHER_INFO |
2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20120307_xen_on_SL5_x.nasl - Type: ACT_GATHER_INFO |
2012-06-08 | Name: The remote Fedora host is missing a security update. File: fedora_2012-8604.nasl - Type: ACT_GATHER_INFO |
2012-06-08 | Name: The remote Fedora host is missing a security update. File: fedora_2012-8592.nasl - Type: ACT_GATHER_INFO |
2012-03-20 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_xen-201202-120209.nasl - Type: ACT_GATHER_INFO |
2012-03-20 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_xen-201202-120210.nasl - Type: ACT_GATHER_INFO |