Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-0928HistoryMar 03, 2008 - 10:44 p.m.
CVE-2008-0928
2008-03-0322:44:00
Debian Security Bug Tracker
security-tracker.debian.org
25
CVSS2
4.7
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
EPSS
0.001
Percentile
28.7%
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | qemu | < 0.9.1+svn20081207-1 | qemu_0.9.1+svn20081207-1_all.deb |
| Debian | 11 | all | qemu | < 0.9.1+svn20081207-1 | qemu_0.9.1+svn20081207-1_all.deb |
| Debian | 999 | all | qemu | < 0.9.1+svn20081207-1 | qemu_0.9.1+svn20081207-1_all.deb |
| Debian | 13 | all | qemu | < 0.9.1+svn20081207-1 | qemu_0.9.1+svn20081207-1_all.deb |
Related
openvas
openvas
Fedora Update for xen FEDORA-2008-2057
2009-02-16 00:00:00
Fedora Update for qemu FEDORA-2008-2001
2009-02-16 00:00:00
Mandrake Security Advisory MDVSA-2009:257 (qemu)
2009-10-13 00:00:00
nessus
nessus
FreeBSD : qemu -- unchecked block read/write vulnerability (9cfbca7f-efb7-11dc-be01-0211060005df)
2008-03-13 00:00:00
Fedora 8 : qemu-0.9.0-6.fc8 (2008-1995)
2008-02-26 00:00:00
Fedora 7 : kvm-36-8.fc7 (2008-1973)
2008-02-26 00:00:00
cve
cve
CVE-2008-0928
2008-03-03 22:44:00
CVE-2008-1112
2008-03-03 18:44:00
ubuntucve
ubuntucve
CVE-2008-0928
2008-03-03 00:00:00
prion
prion
Design/Logic Flaw
2008-03-03 22:44:00
Design/Logic Flaw
2008-03-03 18:44:00
freebsd
freebsd
qemu -- unchecked block read/write vulnerability
2008-02-19 00:00:00
nvd
nvd
CVE-2008-0928
2008-03-03 22:44:00
CVE-2008-1112
2008-03-03 18:44:00
veracode
veracode
Information Disclosure
2020-04-10 00:26:29
cvelist
cvelist
CVE-2008-0928
2008-03-03 22:00:00
debian
debian
[SECURITY] [DSA 1799-1] New qemu packages fix several vulnerabilities
2009-05-11 21:13:09
[Backports-security-announce] Security Update for xen-3
2008-12-15 12:38:44
[Backports-security-announce] Security Update for xen-3
2008-12-15 12:39:05
osv
osv
qemu - several vulnerabilities
2009-05-11 00:00:00
qemu-linux-user-2.6.1-1.5 on GA media
2024-06-15 00:00:00
qemu-2.6.1-1.5 on GA media
2024-06-15 00:00:00
oraclelinux
oraclelinux
xen security and bug fix update
2008-05-13 00:00:00
redhat
redhat
(RHSA-2008:0194) Important: xen security and bug fix update
2008-05-13 00:00:00
centos
centos
xen security update
2008-05-16 01:20:08
CVSS2
4.7
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
EPSS
0.001
Percentile
28.7%
Related for DEBIANCVE:CVE-2008-0928