Download
| Alert*
oval:org.secpod.oval:def:600578
It was discovered that incorrect sanitising of virtio queue commands in KVM, a solution for full virtualization on x86 hardware, could lead to denial of service of the execution of arbitrary code. The oldstable distribution is not affected by this problem. oval:org.secpod.oval:def:400316 A privileged guest user could cause a buffer overflow in the virtio subsystem of the host, therefore crashing the guest or potentially execute arbitrary code on the host . oval:org.secpod.oval:def:500123 KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. It was found that the virtio subsystem in qemu-kvm did not properly validate virtqueue in and out requests from the guest. A privileged guest u ... oval:org.secpod.oval:def:1503376 Updated qemu-kvm packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, a ... oval:org.secpod.oval:def:700546 qemu-kvm: Machine emulator and virtualizer A privileged attacker within a QEMU guest could cause QEMU to crash. |