CVE-2008-0928

EPSS 0.08%
Veröffentlicht 03.03.2008 22:44:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 25

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qemu ≫ Qemu Version0.1.0

Qemu ≫ Qemu Version0.1.1

Qemu ≫ Qemu Version0.1.2

Qemu ≫ Qemu Version0.1.3

Qemu ≫ Qemu Version0.1.4

Qemu ≫ Qemu Version0.1.5

Qemu ≫ Qemu Version0.1.6

Qemu ≫ Qemu Version0.2.0

Qemu ≫ Qemu Version0.3.0

Qemu ≫ Qemu Version0.4.0

Qemu ≫ Qemu Version0.4.1

Qemu ≫ Qemu Version0.4.2

Qemu ≫ Qemu Version0.4.3

Qemu ≫ Qemu Version0.5.0

Qemu ≫ Qemu Version0.5.1

Qemu ≫ Qemu Version0.5.2

Qemu ≫ Qemu Version0.5.3

Qemu ≫ Qemu Version0.5.4

Qemu ≫ Qemu Version0.5.5

Qemu ≫ Qemu Version0.6.0

Qemu ≫ Qemu Version0.6.1

Qemu ≫ Qemu Version0.7.0

Qemu ≫ Qemu Version0.7.1

Qemu ≫ Qemu Version0.7.2

Qemu ≫ Qemu Version0.8.0

Qemu ≫ Qemu Version0.8.1

Qemu ≫ Qemu Version0.8.2

Qemu ≫ Qemu Version0.9.0

Qemu ≫ Qemu Version0.9.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.212

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.7	3.4	6.9	AV:L/AC:M/Au:N/C:C/I:N/A:N

http://secunia.com/advisories/29129

http://www.mandriva.com/security/advisories?name=MDVSA-2008:162

http://secunia.com/advisories/29963

http://www.redhat.com/support/errata/RHSA-2008-0194.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

http://marc.info/?l=debian-security&m=120343592917055&w=2

http://secunia.com/advisories/29081

http://secunia.com/advisories/29136

http://secunia.com/advisories/29172

Vendor Advisory

http://secunia.com/advisories/34642

http://secunia.com/advisories/35031

http://www.debian.org/security/2009/dsa-1799

http://www.mandriva.com/security/advisories?name=MDVSA-2009:016

http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00830.html

http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00850.html

http://www.securityfocus.com/bid/28001

https://bugzilla.redhat.com/show_bug.cgi?id=433560

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9706

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00852.html

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00857.html

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00900.html

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00957.html

https://nvd.nist.gov/vuln/detail/CVE-2008-0928

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0928

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0928

EUVD