CVE-2008-0928

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2008-0928

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2008-0928.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2008-0928

Related

Published

2008-03-03T22:44:00Z

Modified

2024-06-30T12:01:22Z

Summary

[none]

Details

Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.

References

Affected packages

Debian:11 / qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.1+svn20081207-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.1+svn20081207-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / qemu

Package

Name: qemu
Purl: pkg:deb/debian/qemu?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.9.1+svn20081207-1

Ecosystem specific

{
    "urgency": "low"
}