ROS-20240611-14

The QEMU hardware emulator vulnerability is related to an infinite loop error in QEMU emulation of a USB xHCI controller when calculating the length of the transfer request block TRB ring. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in th...

EulerOS Virtualization 3.0.6.0 : qemu (EulerOS-SA-2024-1711)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-1711)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : qemu (EulerOS-SA-2024-1671)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-1671)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2023-2973)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

EulerOS Virtualization 2.11.0 : qemu (EulerOS-SA-2023-3082)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

EulerOS Virtualization 2.11.1 : qemu (EulerOS-SA-2023-3064)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2023-2929)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

EulerOS 2.0 SP9 : qemu (EulerOS-SA-2023-2887)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands whe...

EulerOS 2.0 SP9 : qemu (EulerOS-SA-2023-2906)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands whe...

EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2023-2948)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : QEMU vulnerabilities (USN-6567-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6567-1 advisory. Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attack...

Design/Logic Flaw

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

CVE-2023-2861

The CVE-2023-2861 issue affects QEMU’s 9pfs (9p passthrough filesystem) where the server allowed opening host-side special files, potentially enabling a malicious client to escape the exported 9p tree by creating/opening a device file in the shared folder. Affected are QEMU implementations in var...

CVE-2023-2861 Qemu: 9pfs: improper access control on special files

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

CVE-2023-2861 Qemu: 9pfs: improper access control on special files

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-3082)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-3064)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : kernel (SUSE-SU-2023:4095-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4095-1 advisory. The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixe...