CVE-2012-0029 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.4 UNKNOWN	ADJACENT_NETWORK	MEDIUM		AV:A/AC:M/Au:S/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 77%

Affected Products (NVD)

Vendor	Product	Version
kvm_group	qemu-kvm	0.12

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

xen

bookworm	4.17.3+10-g091466ba55-1~deb12u1 fixed
bullseye	4.14.6-1 fixed
bullseye (security)	4.14.5+94-ge49571868d-1 fixed
sid	4.17.3+36-g54dacb5c02-1 fixed
squeeze	not-affected
trixie	4.17.3+36-g54dacb5c02-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

kvm

hardy	ignored
lucid	dne
maverick	dne
natty	dne
oneiric	dne

qemu

hardy	ignored
lucid	dne
maverick	dne
natty	dne
oneiric	dne

qemu-kvm

hardy	dne
lucid	Fixed 0.12.3+noroms-0ubuntu9.17 released
maverick	Fixed 0.12.5+noroms-0ubuntu7.11 released
natty	Fixed 0.14.0+noroms-0ubuntu4.5 released
oneiric	Fixed 0.14.1+noroms-0ubuntu6.2 released

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://git.qemu.org/?p=qemu.git%3Ba=log%3Bh=refs/heads/stable-1.0

http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html

http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00002.html

http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html

http://rhn.redhat.com/errata/RHSA-2012-0370.html

http://secunia.com/advisories/47740

http://secunia.com/advisories/47741

http://secunia.com/advisories/47992

http://secunia.com/advisories/48318

http://secunia.com/advisories/50913

http://www.redhat.com/support/errata/RHSA-2012-0050.html

http://www.securityfocus.com/bid/51642

http://www.ubuntu.com/usn/USN-1339-1

https://bugzilla.redhat.com/show_bug.cgi?id=772075

https://exchange.xforce.ibmcloud.com/vulnerabilities/72656

http://git.qemu.org/?p=qemu.git%3Ba=log%3Bh=refs/heads/stable-1.0

http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html

http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00002.html

http://lists.opensuse.org/opensuse-updates/2012-02/msg00009.html

http://rhn.redhat.com/errata/RHSA-2012-0370.html

http://secunia.com/advisories/47740

http://secunia.com/advisories/47741

http://secunia.com/advisories/47992

http://secunia.com/advisories/48318

http://secunia.com/advisories/50913

http://www.redhat.com/support/errata/RHSA-2012-0050.html

http://www.securityfocus.com/bid/51642

http://www.ubuntu.com/usn/USN-1339-1

https://bugzilla.redhat.com/show_bug.cgi?id=772075

https://exchange.xforce.ibmcloud.com/vulnerabilities/72656