LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

qemu-kvm: code execution

Package(s):qemu-kvm CVE #(s):CVE-2012-0029
Created:January 24, 2012 Updated:August 20, 2012
Description: From the Ubuntu advisory:

Nicolae Mogoreanu discovered that QEMU did not properly verify legacy mode packets in the e1000 network driver. A remote attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

Alerts:
Ubuntu USN-1339-1 2012-01-23
Red Hat RHSA-2012:0050-01 2012-01-23
Red Hat RHSA-2012:0051-01 2012-01-23
Oracle ELSA-2012-0050 2012-01-23
Oracle ELSA-2012-0051 2012-01-23
CentOS CESA-2012:0050 2012-01-24
Scientific Linux SL-kvm-20120124 2012-01-24
CentOS CESA-2012:0051 2012-01-24
Scientific Linux SL-qemu-20120125 2012-01-25
Debian DSA-2396-1 2012-01-27
Debian DSA-2404-1 2012-02-05
openSUSE openSUSE-SU-2012:0207-1 2012-02-09
openSUSE openSUSE-SU-2012:0267-1 2012-02-17
Fedora FEDORA-2012-1375 2012-02-19
Fedora FEDORA-2012-1539 2012-02-19
Red Hat RHSA-2012:0370-01 2012-03-07
Oracle ELSA-2012-0149 2012-03-07
Oracle ELSA-2012-0370 2012-03-08
openSUSE openSUSE-SU-2012:0347-1 2012-03-09
Scientific Linux SL-xen-20120321 2012-03-21
openSUSE openSUSE-SU-2012:0548-1 2012-04-23
Fedora FEDORA-2012-8604 2012-06-07
Fedora FEDORA-2012-8592 2012-06-07
Mageia MGASA-2012-0222 2012-08-18
SUSE SUSE-SU-2012:1320-1 2012-10-09
Gentoo 201210-04 2012-10-18
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds