oval:org.mitre.oval:def:28286

Definition Id: oval:org.mitre.oval:def:28286

Oval ID:	oval:org.mitre.oval:def:28286
Title:	USN-2409-1 -- QEMU vulnerabilities
Description:	Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3615">CVE-2014-3615</a>) Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when using guest networking. A malicious guest could possibly use this issue to cause a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3640">CVE-2014-3640</a>) It was discovered that QEMU incorrectly handled parameter validation in the vmware_vga device. A malicious guest could possibly use this issue to write into memory of the host, leading to privilege escalation. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-3689">CVE-2014-3689</a>) It was discovered that QEMU incorrectly handled USB xHCI controller live migration. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-5263">CVE-2014-5263</a>) Michael S. Tsirkin discovered that QEMU incorrectly handled memory in the ACPI PCI hotplug interface. A malicious guest could possibly use this issue to access memory of the host, leading to information disclosure or privilege escalation. This issue only affected Ubuntu 14.04 LTS. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-5388">CVE-2014-5388</a>) James Spadaro discovered that QEMU incorrectly handled certain VNC bytes_per_pixel values. An attacker having access to a VNC console could possibly use this issue to cause a guest to crash, resulting in a denial of service. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-7815">CVE-2014-7815</a>)
Family:	unix	Class:	patch
Reference(s):	USN-2409-1 CVE-2014-3615 CVE-2014-3640 CVE-2014-3689 CVE-2014-5263 CVE-2014-5388 CVE-2014-7815	Version:	5
Platform(s):	Ubuntu 14.10 Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04	Product(s):	qemu qemu-kvm
Definition Synopsis:
Ubuntu 14.10 release section Ubuntu 14.10 is installed Packages match section qemu-system-misc is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-aarch64 is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-x86 is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-sparc is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-arm is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-ppc is earlier than 0:2.1+dfsg-4ubuntu6.1 AND qemu-system-mips is earlier than 0:2.1+dfsg-4ubuntu6.1 AND Ubuntu 14.04 release section Ubuntu 14.04 is installed Packages match section qemu-system-misc is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-aarch64 is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-x86 is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-sparc is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-arm is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-ppc is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND qemu-system-mips is earlier than 0:2.0.0+dfsg-2ubuntu1.7 AND Ubuntu 12.04 release section Ubuntu 12.04 is installed AND qemu-kvm is earlier than 0:1.0+noroms-0ubuntu14.19 AND Ubuntu 10.04 release section Ubuntu 10.04 is installed AND qemu-kvm is earlier than 0:0.12.3+noroms-0ubuntu9.25

Definition Id: oval:org.mitre.oval:def:13089

Oval ID:	oval:org.mitre.oval:def:13089
Title:	Ubuntu 10.04 is installed
Description:	Ubuntu 10.04 is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:canonical:ubuntu_linux:10.04	Version:	5
Platform(s):	Ubuntu 10.04	Product(s):
Definition Synopsis:
Ubuntu 10.04 is installed
Referenced By:
oval:org.mitre.oval:def:28286

Definition Id: oval:org.mitre.oval:def:27174

Oval ID:	oval:org.mitre.oval:def:27174
Title:	Ubuntu 14.10 is installed
Description:	Ubuntu 14.10 is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:canonical:ubuntu_linux:14.10	Version:	5
Platform(s):	Ubuntu 14.10	Product(s):
Definition Synopsis:
Ubuntu 14.10 is installed
Referenced By:
oval:org.mitre.oval:def:28286

Definition Id: oval:org.mitre.oval:def:24421

Oval ID:	oval:org.mitre.oval:def:24421
Title:	Ubuntu 14.04 is installed
Description:	Ubuntu 14.04 is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:canonical:ubuntu_linux:14.04	Version:	5
Platform(s):	Ubuntu 14.04	Product(s):
Definition Synopsis:
Ubuntu 14.04 is installed
Referenced By:
oval:org.mitre.oval:def:28286

Definition Id: oval:org.mitre.oval:def:15824

Oval ID:	oval:org.mitre.oval:def:15824
Title:	Ubuntu 12.04 is installed
Description:	Ubuntu 12.04 is installed
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:canonical:ubuntu_linux:12.04	Version:	5
Platform(s):	Ubuntu 12.04	Product(s):
Definition Synopsis:
Ubuntu 12.04 is installed
Referenced By:
oval:org.mitre.oval:def:28286

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0297s

Facebook rss twitter linkedin mail