426 matches found
GSD-2022-1001338 net/smc: use memcpy instead of snprintf to avoid out of bounds read
net/smc: use memcpy instead of snprintf to avoid out of bounds read This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11 by commit...
GSD-2022-1000981 net/smc: use memcpy instead of snprintf to avoid out of bounds read
net/smc: use memcpy instead of snprintf to avoid out of bounds read This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.11 by commit...
AlmaLinux 8 : virt:rhel (ALSA-2019:3345)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3345 advisory. ntfs-3g: heap-based buffer overflow leads to local root privilege escalation CVE-2019-9755 QEMU: slirp: information leakage in tcpemu due to uninitialized...
CLSA-2021-1639686040 Fix CVE(s): CVE-2021-3984, CVE-2021-3973, CVE-2021-3974, CVE-2021-4019, CVE-2021-4069
SECURITY UPDATE: Using freed memory with regexp using a mark - debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position - CVE-2021-3974 SECURITY UPDATE: Illegal memory access when C-indenting - debian/patches/CVE-2021-3984.patch: Also set the cursor column -...
SUSE: Security Advisory (SUSE-SU-2019:13991-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GSD-2021-1000232 wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
wlcore: Fix buffer overrun by snprintf due to incorrect buffer size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
GSD-2021-1000344 wlcore: Fix buffer overrun by snprintf due to incorrect buffer size
wlcore: Fix buffer overrun by snprintf due to incorrect buffer size This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
USN-4632-1: SLiRP vulnerabilities
It was discovered that the SLiRP networking implementation of the QEMU emulator did not properly manage memory under certain circumstances. An attacker could use this to cause a heap-based buffer overflow or other out- of-bounds access, which can lead to a denial of service application crash or...
USN-4632-1 slirp vulnerabilities
It was discovered that the SLiRP networking implementation of the QEMU emulator did not properly manage memory under certain circumstances. An attacker could use this to cause a heap-based buffer overflow or other out- of-bounds access, which can lead to a denial of service application crash or...
SUSE SLES12 Security Update : xen (SUSE-SU-2020:2234-1)
This update for xen fixes the following issues : bsc1174543 - secure boot related fixes bsc1163019 - CVE-2020-8608: Potential OOB access due to unsafe snprintf usages bsc1169392 - CVE-2020-11742: Bad continuation handling in GNTTABOPcopy bsc1168140 - CVE-2020-11740, CVE-2020-11741: Multiple...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
Important: Red Hat Security Advisory: qemu-kvm security update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
RHEL 7 : qemu-kvm (RHSA-2020:2844)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:2844 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the...
RHEL 7 : slirp4netns (RHSA-2020:0889)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:0889 advisory. The slirp4netns package contains user-mode networking for unprivileged network namespaces. It is required to enable networking for rootless...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...
RHEL 7 : qemu-kvm-rhev (RHSA-2020:2730)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2730 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...
QEMU: Slirp: potential OOB access due to unsafe snprintf() usages
An out-of-bounds heap buffer access flaw was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in tcpemu routine while emulating IRC and other protocols due to unsafe usage of the snprintf3 function. A user or process could use this flaw to crash the QEMU process...