55 matches found
CVE-2026-23085
In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...
EUVD-2016-5442
Malware in sbrugna...
EUVD-2018-17452
Malware in sbrugna...
EUVD-2017-15025
Malware in sbrugna...
EUVD-2016-5009
Malware in sbrugna...
CVE-2025-22013
The CVE-2025-22013 entry concerns Linux kernel KVM on arm64, where host FPSIMD/SVE/SME state could be lazily saved and flushed, risking stale host state in memory and related issues (e.g., SVE discard due to TIF_SVE/CPACR_ELx.ZEN config, ptrace modifications, and non‑protected VM scenarios). The ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly saving host FPSIMD/SVE/SME state, which could lead to a QEMU crash or ptrace ABI change...
Linux Distros Unpatched Vulnerability : CVE-2016-2857
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The netchecksumcalculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service out-of-bounds heap read and crash via the...
Linux Distros Unpatched Vulnerability : CVE-2016-9922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cirrusdocopy function in hw/display/cirrusvga.c in QEMU aka Quick Emulator, when cirrus graphics mode is VGA, allows local guest OS privileged users to caus...
Linux Distros Unpatched Vulnerability : CVE-2016-4001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the stellarisenetreceive function in hw/net/stellarisenet.c in QEMU, when the Stellaris ethernet controller is configured to accept large...
QEMU Security Vulnerabilities
QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A security vulnerability exists in QEMU that originates from a NULL pointer dereference, which causes QEMU to crash and trigger a denial of...
OESA-2023-1894 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used...
OESA-2023-1896 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used...
DEBIAN-CVE-2023-42467
QEMU through 8.0.0 could trigger a division by zero in scsidiskreset in hw/scsi/scsi-disk.c because scsidiskemulatemodeselect does not prevent s-qdev.blocksize from being 256. This stops QEMU and the guest immediately...
AZL-25807 CVE-2023-1544 affecting package qemu for versions less than 6.2.0-23
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...
SUSE CVE-2023-1544
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...
SUSE CVE-2015-7549
The MSI-X MMIO support in hw/pci/msix.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash by leveraging failure to define the .write method...
SUSE CVE-2016-8578
The v9fsiovvunmarshal function in fsdev/9p-iov-marshal.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash by sending an empty string parameter to a 9P operation...
SUSE CVE-2017-9503
QEMU aka Quick Emulator, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash via vectors involving megasas command processing...
SUSE CVE-2017-11334
The addressspacewritecontinue function in exec.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds access and guest instance crash by leveraging use of qemumapramptr to access guest ram block area...