Vulnerability & Exploit Database

Displaying all 8 entries

Results for: CVE-2014-3640 Back to search

RHSA-2015:0624: qemu-kvm-rhev security, bug fix, and enhancement update Vulnerability

  • Severity: 8
  • Published: December 12, 2014

Updated qemu-kvm-rhev packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...

RHSA-2015:0349: qemu-kvm security, bug fix, and enhancement update Vulnerability

  • Severity: 8
  • Published: December 12, 2014

KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linuxon AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-spacecomponent for running virtual machines using KVM.It was found that the Cirrus blit region checks were insufficient. A privilegedguest user could use this flaw to write outside of VRAM-al...

USN-2409-1: QEMU vulnerabilities Vulnerability

  • Severity: 7
  • Published: November 14, 2014

The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.

SUSE: CVE-2014-3640: SUSE Linux Security Advisory Vulnerability

  • Severity: 2
  • Published: November 07, 2014

The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.

Gentoo Linux: CVE-2014-3640: QEMU: Multiple Vulnerabilities Vulnerability

  • Severity: 2
  • Published: November 07, 2014

The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.

DSA-3045-1 qemu -- security update Vulnerability

  • Severity: 8
  • Published: October 04, 2014

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.

DSA-3044-1 qemu-kvm -- security update Vulnerability

  • Severity: 8
  • Published: October 04, 2014

Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.