Search CVE reports
451 – 460 of 471 results
Some fixes available 3 of 8
Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID...
9 affected packages
kvm, linux, linux-ec2, linux-fsl-imx51, linux-lts-backport-maverick...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kvm | — | — | — | — |
| linux | — | — | — | — |
| linux-ec2 | — | — | — | — |
| linux-fsl-imx51 | — | — | — | — |
| linux-lts-backport-maverick | — | — | — | — |
| linux-mvl-dove | — | — | — | — |
| linux-source-2.6.15 | — | — | — | — |
| linux-ti-omap4 | — | — | — | — |
| qemu-kvm | — | — | — | — |
Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might allow guest OS users to execute arbitrary code on the host OS by establishing a connection from a VNC client and then...
3 affected packages
kvm, qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kvm | — | — | — | — |
| qemu | — | — | — | — |
| qemu-kvm | — | — | — | — |
Some fixes available 4 of 9
The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of...
9 affected packages
kvm, linux, linux-ec2, linux-fsl-imx51, linux-lts-backport-maverick...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kvm | — | — | — | — |
| linux | — | — | — | — |
| linux-ec2 | — | — | — | — |
| linux-fsl-imx51 | — | — | — | — |
| linux-lts-backport-maverick | — | — | — | — |
| linux-mvl-dove | — | — | — | — |
| linux-source-2.6.15 | — | — | — | — |
| linux-ti-omap4 | — | — | — | — |
| qemu-kvm | — | — | — | — |
Some fixes available 2 of 8
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka...
3 affected packages
kvm, qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kvm | — | — | — | — |
| qemu | — | — | — | — |
| qemu-kvm | — | — | — | — |
Some fixes available 2 of 19
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended.
8 affected packages
qemu-kvm, xen-3.2, kvm, qemu, xen-3.0...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu-kvm | — | — | — | — |
| xen-3.2 | — | — | — | — |
| kvm | — | — | — | — |
| qemu | — | — | — | — |
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.3 | — | — | — | — |
| xen-unstable | — | — | — | — |
Some fixes available 2 of 8
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
8 affected packages
xen-3.3, qemu-kvm, kvm, qemu, xen-3.0...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| xen-3.3 | — | — | — | — |
| qemu-kvm | — | — | — | — |
| kvm | — | — | — | — |
| qemu | — | — | — | — |
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-unstable | — | — | — | — |
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | — | — |
| qemu-kvm | — | — | — | — |
Some fixes available 2 of 15
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to...
7 affected packages
qemu, kvm, qemu-kvm, xen-3.0, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | — | — |
| kvm | — | — | — | — |
| qemu-kvm | — | — | — | — |
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-3.3 | — | — | — | — |
Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through 3.0.3 allows local users to cause a denial of service (SDL crash) and possibly execute arbitrary code via "bogus...
7 affected packages
qemu, kvm, qemu-kvm, xen-3.0, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | — | — |
| kvm | — | — | — | — |
| qemu-kvm | — | — | — | — |
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-3.3 | — | — | — | — |
Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a...
7 affected packages
kvm, qemu, qemu-kvm, xen-3.0, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| kvm | — | — | — | — |
| qemu | — | — | — | — |
| qemu-kvm | — | — | — | — |
| xen-3.0 | — | — | — | — |
| xen-3.1 | — | — | — | — |
| xen-3.2 | — | — | — | — |
| xen-3.3 | — | — | — | — |