FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b56fe6bb-b1b1-11e5-9728-002590263bf5qemu -- denial of service vulnerabilities in eepro100 NIC support

Prasad J Pandit, Red Hat Product Security Team, reports:

Qemu emulator built with the i8255x (PRO100) emulation support is vulnerable to an infinite loop issue. It could occur while processing a chain of commands located in the Command Block List (CBL). Each Command Block(CB) points to the next command in the list. An infinite loop unfolds if the link to the next CB points to the same block or there is a closed loop in the chain.

A privileged(CAP_SYS_RAWIO) user inside guest could use this flaw to crash the Qemu instance resulting in DoS.


Discovery 2015-10-16
Entry 2016-01-03
Modified 2016-07-06
qemu
qemu-devel
< 2.5.50

qemu-sbruno
qemu-user-static
< 2.5.50.g20160213

CVE-2015-8345
ports/205813
ports/205814
http://www.openwall.com/lists/oss-security/2015/11/25/3
https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
http://git.qemu.org/?p=qemu.git;a=commit;h=00837731d254908a841d69298a4f9f077babaf24
https://github.com/seanbruno/qemu-bsd-user/commit/00837731d254908a841d69298a4f9f077babaf24
152acff3-b1bd-11e5-9728-002590263bf5qemu -- denial of service vulnerability in Q35 chipset emulation

Prasad J Pandit, Red Hat Product Security Team, reports:

Qemu emulator built with the Q35 chipset based pc system emulator is vulnerable to a heap based buffer overflow. It occurs during VM guest migration, as more(16 bytes) data is moved into allocated (8 bytes) memory area.

A privileged guest user could use this issue to corrupt the VM guest image, potentially leading to a DoS. This issue affects q35 machine types.


Discovery 2015-11-19
Entry 2016-01-03
Modified 2016-07-06
qemu
qemu-devel
< 2.5.50

qemu-sbruno
qemu-user-static
< 2.5.50.g20151224

CVE-2015-8666
http://www.openwall.com/lists/oss-security/2015/12/24/1
http://git.qemu.org/?p=qemu.git;a=commit;h=d9a3b33d2c9f996537b7f1d0246dee2d0120cefb
https://github.com/seanbruno/qemu-bsd-user/commit/d9a3b33d2c9f996537b7f1d0246dee2d0120cefb
1384f2fd-b1be-11e5-9728-002590263bf5qemu -- denial of service vulnerability in Rocker switch emulation

Prasad J Pandit, Red Hat Product Security Team, reports:

Qemu emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit(tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRAGS_MAX=16) fragments.

A privileged user inside guest could use this flaw to cause memory leakage on the host or crash the Qemu process instance resulting in DoS issue.


Discovery 2015-12-28
Entry 2016-01-03
Modified 2016-07-06
qemu
qemu-devel
< 2.5.50

qemu-sbruno
qemu-user-static
< 2.5.50.g20160213

CVE-2015-8701
ports/205813
ports/205814
http://www.openwall.com/lists/oss-security/2015/12/28/6
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg04629.html
http://git.qemu.org/?p=qemu.git;a=commit;h=007cd223de527b5f41278f2d886c1a4beb3e67aa
https://github.com/seanbruno/qemu-bsd-user/commit/007cd223de527b5f41278f2d886c1a4beb3e67aa