CVE-2008-0928
QEMU <= 0.9.1 - Authenticated Memory Access and Virtual Machine Escape via Block Device Requests
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
References (22)
Core References
Vendor Advisory vendor-advisory
x_refsource_fedora
http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00850.html
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00852.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0194.html
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00900.html
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00957.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=433560
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/34642
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2009:016
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162
Mailing List mailing-list
x_refsource_mlist
http://marc.info/?l=debian-security&m=120343592917055&w=2
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00857.html
Vendor Advisory vendor-advisory
x_refsource_fedora
http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00830.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29963
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9706
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29129
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28001
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2009/dsa-1799
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29136
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/35031
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29081
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29172
Scores
EPSS: 0.0010
EPSS Percentile: 27.7%
Details
CWE: CWE-264
Status: published
Products (29)
qemu/qemu 0.1.0
qemu/qemu 0.1.1
qemu/qemu 0.1.2
qemu/qemu 0.1.3
qemu/qemu 0.1.4
qemu/qemu 0.1.5
qemu/qemu 0.1.6
qemu/qemu 0.2.0
qemu/qemu 0.3.0
qemu/qemu 0.4.0
... and 19 more
Published: Mar 03, 2008
Tracked Since: Feb 18, 2026