Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0928

Overview

Vulnerability Score 4.7 4.7
CVE Id CVE-2008-0928
Last Modified 21 Aug 2010 01:17:15
Published 03 Mar 2008 05:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0928

Summary

Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.

Vulnerable Systems

Application

  • Qemu 0.1

  • Qemu 0.1.1

  • Qemu 0.1.2

  • Qemu 0.1.3

  • Qemu 0.1.4

  • Qemu 0.1.5

  • Qemu 0.1.6

  • Qemu 0.2

  • Qemu 0.3

  • Qemu 0.4

  • Qemu 0.4.1

  • Qemu 0.4.2

  • Qemu 0.4.3

  • Qemu 0.5.0

  • Qemu 0.5.1

  • Qemu 0.5.2

  • Qemu 0.5.3

  • Qemu 0.5.4

  • Qemu 0.5.5

  • Qemu 0.6.0

  • Qemu 0.6.1

  • Qemu 0.7.0

  • Qemu 0.7.1

  • Qemu 0.7.2

  • Qemu 0.8.0

  • Qemu 0.8.1

  • Qemu 0.8.2

  • Qemu 0.9.0

  • Qemu 0.9.1


References

FEDORA - FEDORA-2008-2083

FEDORA - FEDORA-2008-2057

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=433560

BID - 28001

FEDORA - FEDORA-2008-1993

FEDORA - FEDORA-2008-1973

MANDRIVA - MDVSA-2009:016

MANDRIVA - MDVSA-2008:162

DEBIAN - DSA-1799

SECUNIA - 35031

SECUNIA - 34642

SECUNIA - 29172

SECUNIA - 29136

SECUNIA - 29129

MLIST - [debian-security] 20080219 qemu unchecked block read/write vulnerability

SUSE - SUSE-SR:2009:008

FEDORA - FEDORA-2008-2001

FEDORA - FEDORA-2008-1995

REDHAT - RHSA-2008:0194

SECUNIA - 29963

SECUNIA - 29081


Last Updated: 27 May 2016 10:46:58