Astra Linux - уязвимость в qemu

A NULL pointer dereference flaw was discovered in the am53c974 SCSI host bus adapter emulation in QEMU in versions prior to 6.0.0. This issue occurs when handling the “Information Transfer” command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a...

MiracleLinux 9 : qemu-kvm-8.2.0-11.el9 (AXSA:2024-7897:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7897:02 advisory. QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019 QEMU: VNC: infinite loop in inflatebuffer leads to denial of service...

RLSA-2024:2135 Moderate: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019...

CVE-2024-24474

A flaw was found in the am53c974 SCSI controller emulation of QEMU. When an SCSI layer transfer is incorrectly terminated, it is possible for a TI command to cause an SCSI buffer overflow due to the expected transfer data length being less than the available data in the FIFO. When this occurs, th...

The vulnerability of the SCSI am53c974 adapter driver in the hardware emulation software QEMU allows a hacker to induce a service failure.

The vulnerability of the SCSI am53c974 adapter driver in the QEMU hardware emulation software is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to cause a system failure...

The vulnerability of the host shell adapter am53c974 in the SCSI emulator hardware support of QEMU allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the am53c974 host shell adapter in the SCSI emulator and hardware support provided by QEMU relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host resulting in a denial of service. The highest threat from this vulnerability is to system availability.

...

DEBIAN-CVE-2020-35505

A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of...

DEBIAN-CVE-2020-35506

A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command CMDTI. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of servi...

UBUNTU-CVE-2020-35505

A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of...

CVE-2020-35505

Summary: CVE-2020-35505 affects the QEMU am53c974 SCSI host bus adapter emulation, prior to version 6.0.0. Root cause: a NULL pointer dereference while processing the Information Transfer command. Impact: a privileged guest can crash the host QEMU process, causing a denial of service and primaril...

QEMU 代码问题漏洞

QEMU Quick Emulator is a set of simulation processor software by French software developer Fabrice Bellard. The software is fast, cross-platform and other characteristics. A null pointer dereference vulnerability exists in am53c974 SCSI host bus adapter emulation in versions of QEMU prior to 6.0....

PT-2020-6719

Name of the Vulnerable Software and Affected Versions QEMU versions prior to 6.0.0 Description A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU. This issue occurs while handling the 'Information Transfer' command. The flaw allows a privileged guest...