6 matches found
Astra Linux – Vulnerability in Qemu
A issue was discovered in QEMU versions 7.1.0 through 8.2.1. The registervfs function in hw/pci/pciesriov.c mishandles the situation where a guest writes a number of NumVFs that is greater than the total number of TotalVFs, resulting in a buffer overflow in VF implementations...
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations.
...
qemu-kvm: pcie: improper validation of NumVFs leads to buffer overflow
A flaw was found in the SR/IOV emulation support of QEMU. The registervfs function in hw/pci/pciesriov.c mishandled the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF Virtual Function implementations. This flaw allows a malicious guest to crash QEM...
The vulnerability of the `register_vfs()` function (hw/pci/pcie_sriov.c) in the QEMU hardware/software emulator allows a attacker to cause a service failure.
The vulnerability of the registervfs function in the QEMU hardware/PCI/PcieSRIOV.c emulator is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
SUSE CVE-2024-26328
An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c does not set NumVFs to PCISRIOVTOTALVF, and thus interaction with hw/nvme/ctrl.c is mishandled...
AZL-61710 CVE-2024-26328 affecting package qemu for versions less than 8.2.0-16
An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c does not set NumVFs to PCISRIOVTOTALVF, and thus interaction with hw/nvme/ctrl.c is mishandled...