Back to search
CVE-2008-0928
Published: Mar 3, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2008-1993
vendor-advisory
x_refsource_FEDORA
FEDORA-2008-1995
vendor-advisory
x_refsource_FEDORA
RHSA-2008:0194
vendor-advisory
x_refsource_REDHAT
FEDORA-2008-2057
vendor-advisory
x_refsource_FEDORA
FEDORA-2008-2083
vendor-advisory
x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=433560
x_refsource_CONFIRM
34642
third-party-advisory
x_refsource_SECUNIA
MDVSA-2009:016
vendor-advisory
x_refsource_MANDRIVA
MDVSA-2008:162
vendor-advisory
x_refsource_MANDRIVA
[debian-security] 20080219 qemu unchecked block read/write vulnerability
mailing-list
x_refsource_MLIST
FEDORA-2008-2001
vendor-advisory
x_refsource_FEDORA
FEDORA-2008-1973
vendor-advisory
x_refsource_FEDORA
29963
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9706
vdb-entry
signature
x_refsource_OVAL
SUSE-SR:2009:008
vendor-advisory
x_refsource_SUSE
29129
third-party-advisory
x_refsource_SECUNIA
28001
vdb-entry
x_refsource_BID
DSA-1799
vendor-advisory
x_refsource_DEBIAN
29136
third-party-advisory
x_refsource_SECUNIA
35031
third-party-advisory
x_refsource_SECUNIA
29081
third-party-advisory
x_refsource_SECUNIA
29172
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now