31 matches found
MiracleLinux 9 : qemu-kvm-6.2.0-11.el9.3 (AXSA:2022-4021:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4021:02 advisory. QEMU: virtio-net: map leaking on error during receive CVE-2022-26353 QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak...
Linux Distros Unpatched Vulnerability : CVE-2022-26354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading ...
Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2022-26354)
The version of qemu / qemu-kvm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-26354 advisory. - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not...
CBL Mariner 2.0 Security Update: qemu / qemu-kvm (CVE-2022-26354)
The version of qemu / qemu-kvm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-26354 advisory. - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not...
SUSE: Security Advisory (SUSE-SU-2023:3800-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:3721-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0761-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K50401227: Linux kernel vulnerability CVE-2022-26354
Security Advisory Description A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions = 6.2.0. CVE-2022-26354 Impact There...
CVE-2022-26354 affecting package qemu-kvm 4.2.0-44
CVE-2022-26354 affecting package qemu-kvm 4.2.0-44. A patched version of the package is available...
AlmaLinux 9 : qemu-kvm (ALSA-2022:5263)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5263 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...
AlmaLinux 8 : virt:rhel and virt-devel:rhel (5821) (ALSA-2022:5821)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5821 advisory. QEMU: QXL: integer overflow in cursoralloc can lead to heap buffer overflow CVE-2021-4206 QEMU: QXL: double fetch in qxlcursor can lead to heap buffer...
Oracle Linux 8 : virt:ol / and / virt-devel:ol (ELSA-2022-5821)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5821 advisory. libvirt 8.0.0-5.2.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-5.2.el8 -...
Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2022:5821)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5821 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
Oracle Linux 9 : qemu-kvm (ELSA-2022-5263)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5263 advisory. - Resolves: bz2075635 CVE-2022-26353 qemu-kvm: QEMU: virtio-net: map leaking on error during receive rhel-9 rhel-9.0.0.z - Resolves: bz2075640...
SUSE: Security Advisory (SUSE-SU-2022:2260-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for qemu (SUSE-SU-2022:2260-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:2260-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2022-26354: Fixed missing virtqueue detach on error can lead to memory leak bsc1198712 - CVE-2022-26353: Fixed map leaking on error during receive bsc1198711 - CVE-2021-4207: Fixed double fetch in qxlcursor can lead to heap buffer overflow...
qemu-kvm security and bug fix update
6.2.0-11.el90.3 - kvm-RHEL-disable-seqpacket-for-vhost-vsock-device-in-rhe.patch bz2071102 - kvm-virtio-net-fix-map-leaking-on-error-during-receive.patch bz2075635 - kvm-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch bz2075640 - Resolves: bz2071102 RHEL 9.0 guest with vsock device...
Moderate: Red Hat Security Advisory: qemu-kvm security and bug fix update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...