Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: Adjust error handling in case of absent codec device. The acpigetfirstphysicalnode function can return NULL in several cases e.g., when no such device exists, an ACPI table error occurs, the reference count drops to 0,...

EUVD-2026-27675

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

PT-2026-37617

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the APEI/GHES component where the ghes new function fails to properly validate the size of CPER records. While the logic prevents allocating records larger than GHES...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988893)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988893 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: Fix integer overflow in ghesestatuspoolinit Change numghes from int to unsigned int,...

USN-6167-1: QEMU vulnerabilities

It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. A malicious guest driver could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubunt...

AlmaLinux 9 : qemu-kvm (ALSA-2023:2162)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2162 advisory. - An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use...

QEMU: ACPI ERST: memory corruption issues in read_erst_record and write_erst_record

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table ERST device of QEMU in the readerstrecord and writeerstrecord functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could...

QEMU Buffer Overflow Vulnerability (CNVD-2022-84156)

QEMU Quick Emulator is a set of emulation processor software by Fabrice Bellard, a French personal developer. The software is fast and cross-platform. QEMU suffers from a buffer overflow vulnerability that stems from a lack of validation of the input data size or length in the readerstrecord and...

QEMU 安全漏洞

QEMU Quick Emulator is a set of emulation processor software by Fabrice Bellard, a French personal developer. The software is fast and cross-platform. QEMU suffers from a buffer overflow vulnerability that stems from a lack of validation of the input data size or length in the readerstrecord and...

CVE-2022-4172

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table ERST device of QEMU in the readerstrecord and writeerstrecord functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could...

CVE-2022-4172

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table ERST device of QEMU in the readerstrecord and writeerstrecord functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could...