FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  369658
Date:      2014-09-30
Time:      20:09:32Z
Committer: brd


These are the vulnerabilities relating to the commit you have selected:

VuXML ID    Description

9cfbca7f-efb7-11dc-be01-0211060005df    qemu -- unchecked block read/write vulnerability

Ian Jackson reports on the debian-security mailing list:

When a block device read or write request is made by the guest, nothing checks that the request is within the range supported by the backend, but the code in the backend typically assumes that the request is sensible.

Depending on the backend, this can allow the guest to read and write arbitrary memory locations in qemu, and possibly gain control over the qemu process, escaping from the emulation/virtualisation.


Discovery 2008-02-19
Entry 2008-03-11
qemu
qemu-devel
lt 0.9.1_2

CVE-2008-0928
http://secunia.com/advisories/29172
http://secunia.com/advisories/29081
http://lists.debian.org/debian-security/2008/02/msg00064.html

8950ac62-1d30-11dd-9388-0211060005df    qemu -- "drive_init()" Disk Format Security Bypass

Secunia reports:

A vulnerability has been reported in QEMU, which can be exploited by malicious, local users to bypass certain security restrictions.

The vulnerability is caused due to the "drive_init()" function in vl.c determining the format of a disk from data contained in the disk's header. This can be exploited by a malicious user in a guest system to e.g. read arbitrary files on the host by writing a fake header to a raw formatted disk image.


Discovery 2008-04-28
Entry 2008-05-08
qemu
qemu-devel
lt 0.9.1_6

ge 0.9.1s.20070101* lt 0.9.1s.20080302_6

CVE-2008-2004
http://secunia.com/advisories/30111/
http://lists.gnu.org/archive/html/qemu-devel/2008-04/msg00675.html

07bb3bd2-a920-11dd-8503-0211060005df    qemu -- Heap overflow in Cirrus emulation

Aurelien Jarno reports:

CVE-2008-4539: fix a heap overflow in Cirrus emulation

The code in hw/cirrus_vga.c has changed a lot between CVE-2007-1320 has been announced and the patch has been applied. As a consequence it has wrongly applied and QEMU is still vulnerable to this bug if using VNC.


Discovery 2008-11-01
Entry 2008-11-02
qemu
qemu-devel
lt 0.9.1_10

ge 0.9.1s.20080101* lt 0.9.1s.20080620_2

CVE-2008-4539
http://lists.gnu.org/archive/html/qemu-devel/2008-10/msg01363.html