CVE-2008-0928

EPSS 0.08%
Published 03.03.2008 22:44:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.

Affected products Warnungen 0 Metrics 2 CWE 0 References 25

Data is provided by the National Vulnerability Database (NVD)

Qemu ≫ Qemu Version0.1.0

Qemu ≫ Qemu Version0.1.1

Qemu ≫ Qemu Version0.1.2

Qemu ≫ Qemu Version0.1.3

Qemu ≫ Qemu Version0.1.4

Qemu ≫ Qemu Version0.1.5

Qemu ≫ Qemu Version0.1.6

Qemu ≫ Qemu Version0.2.0

Qemu ≫ Qemu Version0.3.0

Qemu ≫ Qemu Version0.4.0

Qemu ≫ Qemu Version0.4.1

Qemu ≫ Qemu Version0.4.2

Qemu ≫ Qemu Version0.4.3

Qemu ≫ Qemu Version0.5.0

Qemu ≫ Qemu Version0.5.1

Qemu ≫ Qemu Version0.5.2

Qemu ≫ Qemu Version0.5.3

Qemu ≫ Qemu Version0.5.4

Qemu ≫ Qemu Version0.5.5

Qemu ≫ Qemu Version0.6.0

Qemu ≫ Qemu Version0.6.1

Qemu ≫ Qemu Version0.7.0

Qemu ≫ Qemu Version0.7.1

Qemu ≫ Qemu Version0.7.2

Qemu ≫ Qemu Version0.8.0

Qemu ≫ Qemu Version0.8.1

Qemu ≫ Qemu Version0.8.2

Qemu ≫ Qemu Version0.9.0

Qemu ≫ Qemu Version0.9.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.212

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.7	3.4	6.9	AV:L/AC:M/Au:N/C:C/I:N/A:N

http://secunia.com/advisories/29129

http://www.mandriva.com/security/advisories?name=MDVSA-2008:162

http://secunia.com/advisories/29963

http://www.redhat.com/support/errata/RHSA-2008-0194.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html

http://marc.info/?l=debian-security&m=120343592917055&w=2

http://secunia.com/advisories/29081

http://secunia.com/advisories/29136

http://secunia.com/advisories/29172

Vendor Advisory

http://secunia.com/advisories/34642

http://secunia.com/advisories/35031

http://www.debian.org/security/2009/dsa-1799

http://www.mandriva.com/security/advisories?name=MDVSA-2009:016

http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00830.html

http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00850.html

http://www.securityfocus.com/bid/28001

https://bugzilla.redhat.com/show_bug.cgi?id=433560

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9706

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00852.html

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00857.html

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00900.html

https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00957.html

https://nvd.nist.gov/vuln/detail/CVE-2008-0928

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0928

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0928

EUVD