10 matches found
CVE-2024-26328 affecting package qemu for versions less than 8.2.0-16
CVE-2024-26328 affecting package qemu for versions less than 8.2.0-16. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2024-0387)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12792)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12792 advisory. - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves:...
qemu-kvm security update
7.2.0-15.el9 - migration: abort on destination if switchover limit exceeded Elena Ufimtseva - migration: introduce strict switchover SLA Elena Ufimtseva - migration: add error to MigrationIncomingState Elena Ufimtseva - migration: Set migration status early in incoming side Fabiano Rosas -...
Oracle Linux 9 : qemu-kvm (ELSA-2024-12674)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12674 advisory. - hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs Philippe Mathieu-Daude Orabug: 36869694 CVE-2024-3446 - hw/char/virtio-serial-bus: Protec...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12604)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12604 advisory. - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves: rhbz2045718 - Contains fix for NBD Protocol Downgrade Attack CVE-2019-14842. -...
USN-6977-1 qemu vulnerabilities
It was discovered that QEMU did not properly handle certain memory operations, which could result in a buffer overflow. An attacker could potentially use this issue to cause a denial of service. CVE-2024-26327 It was discovered that QEMU did not properly handle certain memory operations, which...
Ubuntu 24.04 LTS : QEMU vulnerabilities (USN-6977-1)
The remote Ubuntu 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6977-1 advisory. It was discovered that QEMU did not properly handle certain memory operations, which could result in a buffer overflow. An attacker could potentially use...
CVE-2024-26328
An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c does not set NumVFs to PCISRIOVTOTALVF, and thus interaction with hw/nvme/ctrl.c is mishandled...
CVE-2024-26328
CVE-2024-26328 details (Mode C) : Affects QEMU 7.1.0–8.2.1. In hw/pci/pcie_sriov.c, register_vfs fails to set NumVFs to PCI_SRIOV_TOTAL_VF, which causes improper interaction with hw/nvme/ctrl.c. The result is mishandling of SR-IOV virtual functions and related NVMe interactions, per the advisory ...