Unrated severityNVD Advisory· Published Mar 3, 2008· Updated Jun 16, 2026
CVE-2008-0928
CVE-2008-0928
Description
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*+ 29 more
- cpe:2.3:a:qemu:qemu:0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:qemu:qemu:0.9.1:*:*:*:*:*:*:*
- (no CPE)range: <=0.9.1
- osv-coords2 versionspkg:rpm/opensuse/qemu&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/qemu-linux-user&distro=openSUSE%20Tumbleweed
< 2.6.1-1.5+ 1 more
- (no CPE)range: < 2.6.1-1.5
- (no CPE)range: < 2.6.1-1.5
Patches
Vulnerability mechanics
References
22- secunia.com/advisories/29172nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.htmlnvd
- marc.infonvd
- secunia.com/advisories/29081nvd
- secunia.com/advisories/29129nvd
- secunia.com/advisories/29136nvd
- secunia.com/advisories/29963nvd
- secunia.com/advisories/34642nvd
- secunia.com/advisories/35031nvd
- www.debian.org/security/2009/dsa-1799nvd
- www.mandriva.com/security/advisoriesnvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00830.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00850.htmlnvd
- www.redhat.com/support/errata/RHSA-2008-0194.htmlnvd
- www.securityfocus.com/bid/28001nvd
- bugzilla.redhat.com/show_bug.cginvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9706nvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00852.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00857.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00900.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-February/msg00957.htmlnvd
News mentions
0No linked articles in our index yet.