Lucene search
SuseSUSE-SU-2015:0929-1HistoryMay 22, 2015 - 12:08 a.m.
Security update for KVM (important)
2015-05-2200:08:52
lists.opensuse.org
19
0.036 Low
EPSS
Percentile
91.7%
KVM was updated to fix the following security issues:
* CVE-2015-3456: Buffer overflow in the floppy drive emulation, which
could be used to carry out denial of service attacks or potential
code execution against the host. This vulnerability is also known as
VENOM.
* CVE-2014-0222: Integer overflow in the qcow_open function in
block/qcow.c in QEMU allowed remote attackers to cause a denial of
service (crash) via a large L2 table in a QCOW version 1 image.
* CVE-2014-0223: Integer overflow in the qcow_open function in
block/qcow.c in QEMU allowed local users to cause a denial of
service (crash) and possibly execute arbitrary code via a large
image size, which triggers a buffer overflow or out-of-bounds read.
Security Issues:
* CVE-2015-3456
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456</a>>
* CVE-2014-0222
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0222">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0222</a>>
* CVE-2014-0223
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0223">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0223</a>>
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| SUSE Linux Enterprise Server LTSS | 11.1 | x86_64 | kvm | <Β 0.12.5-1.26.1 | kvm-0.12.5-1.26.1.x86_64.rpm |
| SUSE Linux Enterprise Server LTSS | 11.1 | i586 | kvm | <Β 0.12.5-1.26.1 | kvm-0.12.5-1.26.1.i586.rpm |
Related
nessus
nessus
SUSE SLES11 Security Update : KVM (SUSE-SU-2015:0929-1) (Venom)
2015-05-27 00:00:00
CentOS 6 : qemu-kvm (CESA-2014:1075)
2014-08-21 00:00:00
Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20140819)
2014-08-20 00:00:00
openvas
openvas
SUSE: Security Advisory for KVM (SUSE-SU-2015:0929-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0929-1)
2021-06-09 00:00:00
CentOS Update for qemu-guest-agent CESA-2014:1075 centos6
2014-08-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:03:55
Denial Of Service (DoS)
2019-01-15 09:05:54
Denial Of Service (DoS)
2019-01-15 08:59:20
ibm
ibm
redhat
redhat
(RHSA-2014:1076) Moderate: qemu-kvm-rhev security and bug fix update
2014-08-19 00:00:00
(RHSA-2014:1187) Moderate: qemu-kvm-rhev security update
2014-09-15 00:00:00
(RHSA-2014:1075) Moderate: qemu-kvm security and bug fix update
2014-08-19 00:00:00
centos
centos
qemu security update
2014-08-19 10:00:56
xen security update
2015-05-13 15:16:55
libcacard, qemu security update
2015-05-13 16:57:36
oraclelinux
oraclelinux
qemu-kvm security and bug fix update
2014-08-19 00:00:00
qemu-kvm security update
2015-05-13 00:00:00
xen security update
2015-05-13 00:00:00
cve
cve
securityvulns
securityvulns
[oss-security] CVE-2014-0223 Qemu: qcow1: Validate image size
2014-05-15 00:00:00
[oss-security] CVE-2014-0222 Qemu: qcow1: Validate L2 table size
2014-05-15 00:00:00
QEMU multiple security vulnerabilities
2014-05-15 00:00:00
threatpost
threatpost
Oracle Patches VENOM Vulnerability
2015-05-18 10:49:00
Flaw in Virtualization Software Could Lead to VM Escapes, Data Theft
2015-05-13 09:34:43
Oracle Patches Java Zero Day
2015-07-15 09:44:12
osv
osv
qemu-kvm - security update
2015-06-19 00:00:00
xen - security update
2015-05-18 00:00:00
virtualbox - security update
2015-05-28 00:00:00
lenovo
lenovo
Venom - Lenovo Support US
2017-01-23 00:00:00
Venom
2017-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: qemu-2.3.0-4.fc22
2015-05-26 03:41:20
[SECURITY] Fedora 22 Update: xen-4.5.0-9.fc22
2015-05-26 03:43:40
[SECURITY] Fedora 22 Update: qemu-2.3.0-5.fc22
2015-06-11 18:35:42
cvelist
cvelist
ubuntucve
ubuntucve
archlinux
archlinux
qemu: arbitrary code execution
2015-05-14 00:00:00
suse
suse
Security update for KVM (important)
2015-05-16 00:04:49
Security update for Xen (important)
2015-05-26 14:06:51
Security update for qemu (important)
2015-05-18 14:04:51
checkpoint_security
checkpoint_security
Check Point response to CVE-2015-3456 (VENOM)
2015-05-12 21:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package qemu version 1.4.0-alt1.1.M70P.1
2015-05-15 00:00:00
nvd
nvd
freebsd
freebsd
debian
debian
[SECURITY] [DLA 248-1] qemu security update
2015-06-19 15:05:33
[SECURITY] [DLA 249-1] qemu-kvm security update
2015-06-19 15:19:48
[SECURITY] [DSA 3274-1] virtualbox security update
2015-05-28 21:17:43
huawei
huawei
Security Advisory - VENOM Vulnerability in Huawei Products
2015-06-09 00:00:00
fortinet
fortinet
CVE-2015-3456 "VENOM" vulnerability
2015-05-19 00:00:00
prion
prion
Integer overflow
2014-11-04 21:55:00
Out-of-bounds
2015-05-13 18:59:00
Integer overflow
2014-11-04 21:55:00
debiancve
debiancve
f5
f5
K16620 : QEMU vulnerability CVE-2015-3456
2015-10-03 00:00:00
SOL16620 - QEMU vulnerability CVE-2015-3456
2015-05-13 00:00:00
myhack58
myhack58
symantec
symantec
SA95 : VENOM Vulnerability in Virtualization Platforms
2015-05-15 08:00:00
thn
thn
Why You Should Consider QEMU Live Patching
2021-09-23 11:16:00
Venom Vulnerability Exposes Most Data Centers to Cyber Attacks
2015-05-14 05:32:00
mageia
mageia
Updated qemu packages fix CVE-2015-3456
2015-05-13 18:54:07
Updated virtualbox packages fix security vulnerabilities
2015-05-15 21:23:49
arista
arista
Security Advisory 0010
2015-05-14 00:00:00
xen
xen
Privilege escalation via emulated floppy disk drive
2015-05-13 11:15:00