Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в qemu
дополнено с 13 октября 2014 г.
Опубликовано:8 декабря 2014 г.
Источник:
SecurityVulns ID:14003
Тип:локальная
Уровень опасности:
6/10
Описание:Многочисленные повреждения памяти в драйверах, DoS, утечка информации.
Затронутые продукты:QEMU : qemu 1.1
CVE:CVE-2014-8106 (Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320.)
 CVE-2014-7815 (The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.)
 CVE-2014-3689 (The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.)
 CVE-2014-3640 (The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.)
 CVE-2014-3615 (The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.)
 CVE-2014-0223 (Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read.)
 CVE-2014-0222 (Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.)
 CVE-2014-0147
 CVE-2014-0146
 CVE-2014-0145
 CVE-2014-0144
 CVE-2014-0143
 CVE-2014-0142
Оригинальный текстdocumentDEBIAN, [SECURITY] [DSA 3087-1] qemu security update (08.12.2014)
 documentDEBIAN, [SECURITY] [DSA 3066-1] qemu security update (10.11.2014)
 documentDEBIAN, [SECURITY] [DSA 3045-1] qemu security update (13.10.2014)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород