43 matches found
virt:ol and virt-devel:ol security update
qemu-kvm 4.2.0-59.el85 - kvm-hw-scsi-scsi-disk-MODEPAGEALLS-not-allowed-in-MODE.patch bz2025605 - kvm-e1000-fix-tx-re-entrancy-problem.patch bz2025011 - Resolves: bz2025605 CVE-2021-3930 virt:rhel/qemu-kvm: QEMU: off-by-one error in modesensepage in hw/scsi/scsi-disk.c rhel-8.5.0.z - Resolves:...
Linux Distros Unpatched Vulnerability : CVE-2021-20257
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:5238)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5238 advisory. - An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if...
Low: qemu
Issue Overview: An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulti...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2533)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-20257 affecting package qemu for versions less than 6.2.0-2
CVE-2021-20257 affecting package qemu for versions less than 6.2.0-2. An upgraded version of the package is available that resolves this issue...
CVE-2021-20257 affecting package qemu-kvm 4.2.0-38
CVE-2021-20257 affecting package qemu-kvm 4.2.0-38. A patched version of the package is available...
SUSE: Security Advisory (SUSE-SU-2022:1375-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : xen (SUSE-SU-2022:1375-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1375-1 advisory. - An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in...
CVE-2021-20257
creationtimestamp| type| source ---|---|--- 2022-03-16 17:20:44+00:00| seen| https://t.me/cibsecurity/39039 2023-11-15 16:53:03+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5977...
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
CVE-2021-20257
CVE-2021-20257 concerns QEMU’s e1000 NIC emulator. The issue is an infinite loop in process_tx_desc when tx descriptor fields are invalid, allowing a guest to exhaust host CPU and cause DoS. Connected advisories confirm this affects QEMU and related builds (e.g., Debian LTS, Red Hat/AL2, Astra Li...
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
Low: Red Hat Security Advisory: virt:av and virt-devel:av security and bug fix update
An update for the virt:av and virt-devel:av modules is now available for Red Hat Enterprise Linux Advanced Virtualization 8.5. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:5238)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5238 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
Low: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
Low: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
ALSA-2021:5238 Low: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:5238)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:5238 advisory. - QEMU: net: e1000: infinite loop while processing transmit descriptors CVE-2021-20257 - QEMU: off-by-one error in modesensepage in hw/scsi/scsi-disk.c...
qemu security update
15:4.2.1-10.el7 - e1000: fail early for evil descriptor Jason Wang Orabug: 32560552 CVE-2021-20257 - Document CVE-2020-27661 as fixed Mark Kanda Orabug: 32960200 CVE-2020-27661 - block: Avoid stale pointer dereference in blkgetaiocontext Greg Kurz - block: Fix blk-inflight during...