Nessus plugin UBUNTU_USN-5489-1.NASL
Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.
History: Jun 21, 2022 - 12:00 a.m.

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : QEMU vulnerabilities (USN-5489-1)

2022-06-21 00:00:00
www.tenable.com

The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5489-1 advisory.

  • A heap buffer overflow was found in the floppy disk emulator of QEMU up to and including 6.0.0. It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host, resulting in a DoS scenario, or to potentially leak information from host memory. (CVE-2021-3507)

  • A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. (CVE-2021-4206)

  • A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor->header.width and cursor->header.height can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. (CVE-2021-4207)

  • A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0. (CVE-2022-26353)

  • A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0. (CVE-2022-26354)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-5489-1. The text
# itself is copyright (C) Canonical, Inc. See
# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
##

include('compat.inc');

if (description)
{
  script_id(162426);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/16");

  script_cve_id(
    "CVE-2021-3507",
    "CVE-2021-3929",
    "CVE-2021-4206",
    "CVE-2021-4207",
    "CVE-2022-0358",
    "CVE-2022-26353",
    "CVE-2022-26354"
  );
  script_xref(name:"USN", value:"5489-1");

  script_name(english:"Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : QEMU vulnerabilities (USN-5489-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Ubuntu host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 / 22.04 LTS host has packages installed that are affected by multiple
vulnerabilities as referenced in the USN-5489-1 advisory.

  - A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could
    occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the
    floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on
    the host resulting in DoS scenario, or potential information leakage from the host memory. (CVE-2021-3507)

  - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc()
    function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer
    overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or
    potentially execute arbitrary code within the context of the QEMU process. (CVE-2021-4206)

  - A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values
    `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object
    followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw
    to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU
    process. (CVE-2021-4207)

  - A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for
    CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and
    other unexpected results. Affected QEMU version: 6.2.0. (CVE-2022-26353)

  - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached
    from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results.
    Affected QEMU versions <= 6.2.0. (CVE-2022-26354)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/notices/USN-5489-1");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-4207");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/05/06");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/06/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/06/21");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:20.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-block-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-guest-agent");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-kvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-arm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-data");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-gui");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-mips");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-misc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-ppc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-s390x");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-sparc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86-microvm");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-system-x86-xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-user");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-user-binfmt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-user-static");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:qemu-utils");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Ubuntu Local Security Checks");

  script_copyright(english:"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}

include('debian_package.inc');

if ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/Ubuntu/release');
if ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');
os_release = chomp(os_release);
if (! ('18.04' >< os_release || '20.04' >< os_release || '22.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 22.04', 'Ubuntu ' + os_release);
if ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);

var pkgs = [
    {'osver': '18.04', 'pkgname': 'qemu', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-block-extra', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-guest-agent', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-kvm', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system-arm', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system-common', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system-mips', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system-misc', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system-ppc', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system-s390x', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system-sparc', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-system-x86', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-user', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-user-binfmt', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-user-static', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '18.04', 'pkgname': 'qemu-utils', 'pkgver': '1:2.11+dfsg-1ubuntu7.40'},
    {'osver': '20.04', 'pkgname': 'qemu', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-block-extra', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-guest-agent', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-kvm', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-arm', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-common', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-data', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-gui', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-mips', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-misc', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-ppc', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-s390x', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-sparc', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-x86', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-x86-microvm', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-system-x86-xen', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-user', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-user-binfmt', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-user-static', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '20.04', 'pkgname': 'qemu-utils', 'pkgver': '1:4.2-3ubuntu6.23'},
    {'osver': '22.04', 'pkgname': 'qemu', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-block-extra', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-guest-agent', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-arm', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-common', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-data', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-gui', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-mips', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-misc', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-ppc', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-s390x', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-sparc', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-x86', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-x86-microvm', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-system-x86-xen', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-user', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-user-binfmt', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-user-static', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'},
    {'osver': '22.04', 'pkgname': 'qemu-utils', 'pkgver': '1:6.2+dfsg-2ubuntu6.2'}
];

var flag = 0;
foreach package_array ( pkgs ) {
  var osver = NULL;
  var pkgname = NULL;
  var pkgver = NULL;
  if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];
  if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];
  if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];
  if (osver && pkgname && pkgver) {
    if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;
  }
}

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  var tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'qemu / qemu-block-extra / qemu-guest-agent / qemu-kvm / qemu-system / etc');
}
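The plugin above only compares the dpkg-reported version of each affected package against the fixed version from its pkgs table (it does not probe the QEMU flaws themselves). As an added example, not part of the Tenable plugin or of ubuntu_check(), the same check reimplemented in Python with a dpkg-style version comparison (epoch, upstream, revision, with the '~' rule), run over constructed dpkg -l lines; the QEMU_PKGS subset and the sample lines are assumptions made for the example.

```python
import re
from itertools import zip_longest
# Fixed versions from the USN-5489-1 table above; QEMU_PKGS is a constructed subset of the affected packages.
FIXED = {"18.04": "1:2.11+dfsg-1ubuntu7.40", "20.04": "1:4.2-3ubuntu6.23",
         "22.04": "1:6.2+dfsg-2ubuntu6.2"}
QEMU_PKGS = {"qemu", "qemu-kvm", "qemu-system", "qemu-system-x86", "qemu-utils"}

def _weight(c):
    # dpkg order for non-digit characters: '~' < end of string < letters < everything else
    return -1 if c == "~" else 0 if c == "" else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    # dpkg rule: alternate non-digit runs (weighted lexical) and digit runs (numeric).
    while a or b:
        (sa, da), (sb, db) = (re.match(r"(\D*)(\d*)", s).groups() for s in (a, b))
        a, b = a[len(sa) + len(da):], b[len(sb) + len(db):]
        for ca, cb in zip_longest(sa, sb, fillvalue=""):
            if _weight(ca) != _weight(cb):
                return -1 if _weight(ca) < _weight(cb) else 1
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
    return 0

def _split(v):
    # [epoch:]upstream[-revision]: epoch defaults to 0, revision follows the last '-'.
    epoch, _, rest = v.partition(":") if ":" in v else ("0", "", v)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def compare_versions(a, b):
    """Return -1, 0 or 1, matching the ordering of `dpkg --compare-versions`."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb: return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)

def vulnerable_packages(os_release, dpkg_lines):
    """(name, installed, fixed) for installed QEMU packages older than the USN fix."""
    fixed, found = FIXED[os_release], []
    for line in dpkg_lines:
        f = line.split()
        if len(f) < 3 or f[0] != "ii": continue   # skip removed ('rc') and malformed entries
        name = f[1].split(":")[0]                  # drop an architecture qualifier like ':amd64'
        if name in QEMU_PKGS and compare_versions(f[2], fixed) < 0:
            found.append((name, f[2], fixed))
    return found

SAMPLE_DPKG_L = [  # constructed `dpkg -l` lines for an Ubuntu 20.04 host (not real scan output)
    "ii  qemu-system-x86  1:4.2-3ubuntu6.21  amd64  QEMU full system emulation binaries (x86)",
    "ii  qemu-utils       1:4.2-3ubuntu6.23  amd64  QEMU utilities",
    "rc  qemu-kvm         1:4.2-3ubuntu6.10  amd64  QEMU Full virtualization on x86 hardware"]
```

Only qemu-system-x86 is reported for the sample host: qemu-utils already matches the fixed version and qemu-kvm is in 'rc' state (removed, config files left), which the plugin likewise does not count as installed.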
Vendor      Product        Version             CPE
canonical   ubuntu_linux   18.04               cpe:/o:canonical:ubuntu_linux:18.04:-:lts
canonical   ubuntu_linux   20.04               cpe:/o:canonical:ubuntu_linux:20.04:-:lts
canonical   ubuntu_linux   22.04               cpe:/o:canonical:ubuntu_linux:22.04:-:lts
canonical   ubuntu_linux   qemu                p-cpe:/a:canonical:ubuntu_linux:qemu
canonical   ubuntu_linux   qemu-block-extra    p-cpe:/a:canonical:ubuntu_linux:qemu-block-extra
canonical   ubuntu_linux   qemu-guest-agent    p-cpe:/a:canonical:ubuntu_linux:qemu-guest-agent
canonical   ubuntu_linux   qemu-kvm            p-cpe:/a:canonical:ubuntu_linux:qemu-kvm
canonical   ubuntu_linux   qemu-system         p-cpe:/a:canonical:ubuntu_linux:qemu-system
canonical   ubuntu_linux   qemu-system-arm     p-cpe:/a:canonical:ubuntu_linux:qemu-system-arm
canonical   ubuntu_linux   qemu-system-common  p-cpe:/a:canonical:ubuntu_linux:qemu-system-common