4.7
CVE-2008-0928
- EPSS 0.37%
- Veröffentlicht 03.03.2008 22:44:00
- Zuletzt bearbeitet 16.06.2026 22:50:37
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.285 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.7 | 3.4 | 6.9 |
AV:L/AC:M/Au:N/C:C/I:N/A:N
|
http://secunia.com/advisories/29129
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162
http://secunia.com/advisories/29963
http://www.redhat.com/support/errata/RHSA-2008-0194.html
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
http://marc.info/?l=debian-security&m=120343592917055&w=2
http://secunia.com/advisories/29081
http://secunia.com/advisories/29136
http://secunia.com/advisories/29172
http://secunia.com/advisories/34642
http://secunia.com/advisories/35031
http://www.debian.org/security/2009/dsa-1799
http://www.mandriva.com/security/advisories?name=MDVSA-2009:016
http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00830.html
http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00850.html
http://www.securityfocus.com/bid/28001
https://bugzilla.redhat.com/show_bug.cgi?id=433560
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9706
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00852.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00857.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00900.html
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00957.html