Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в libvirt / qemu
Опубликовано:12 октября 2015 г.
Источник:
SecurityVulns ID:14718
Тип:библиотека
Уровень опасности:
6/10
Описание:DoS, повреждения памяти.
Затронутые продукты:QEMU : QEMU 2.4
CVE:CVE-2015-6855 (hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash.)
 CVE-2015-6815
 CVE-2015-5279 (Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.)
 CVE-2015-5278
 CVE-2015-5239
Оригинальный текстdocumentUBUNTU, [USN-2745-1] QEMU vulnerabilities (12.10.2015)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород