Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2010-0297: '[oss-security] KVM possible security issues fixed'

Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafted USB packet.

CVE
#linux#dos#buffer_overflow

[prev in list] [next in list] [prev in thread] [next in thread] List: oss-security Subject: [oss-security] KVM possible security issues fixed From: Thomas Biege <thomas () suse ! de> Date: 2010-02-02 9:59:13 Message-ID: 201002021059.13521.thomas () suse ! de [Download RAW message or body]

Hello, the following was listed in the changelog of kvm

  • slirp: fix use-after-free
  • usb-linux.c: fix buffer overflow
  • fix potential stack corruption saving MSRs (Eduardo Habkost)

Looks like these are security issues. Does someone know more about? Any details about exploitability etc.

Thanks Thomas

– Thomas Biege [email protected], SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) – Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. – Marie von Ebner-Eschenbach [prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907