Astra Linux - уязвимость в qemu

A issue was discovered in QEMU through version 5.1.0. An out-of-bounds memory access was identified in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c, during handling of MMIO write operations via the atimmwrite callback. A malicious guest could...

Astra Linux - уязвимость в qemu

A buffer overflow vulnerability was discovered in the ATI VGA device emulation provided by QEMU. This vulnerability occurs in the ati2dblt routine, during the handling of MMIO write operations, when the guest provides invalid values for the destination display parameters. A malicious guest could...

EUVD-2020-17086

Malware in sbrugna...

EUVD-2020-4209

Malware in sbrugna...

EUVD-2019-11345

Malware in sbrugna...

EUVD-2020-6015

Malware in sbrugna...

USN-6567-2 qemu regression

USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the...

Ubuntu 20.04 LTS / 22.04 LTS : QEMU regression (USN-6567-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6567-2 advisory. USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in...

SUSE SLES15 Security Update : qemu (SUSE-SU-2024:0589-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0589-1 advisory. - An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati2dblt routine while handlin...

Ubuntu: Security Advisory (USN-6567-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6567-1: QEMU vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : QEMU vulnerabilities (USN-6567-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6567-1 advisory. Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attack...

SUSE SLES15 Security Update : qemu (SUSE-SU-2023:3444-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3444-1 advisory. - An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati2dblt routine...

SUSE CVE-2020-13800

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mmindex value during an atimmread or atimmwrite call...

SUSE CVE-2020-24352

An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati2dblt routine in hw/display/ati2d.c while handling MMIO write operations through the atimmwrite callback. A malicious guest could use this flaw ...

SUSE CVE-2021-3638

An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati2dblt routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this flaw to crash the QE...

Fedora 36 : qemu (2023-c8a60f6f80)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c8a60f6f80 advisory. ati-vga: out-of-bounds write in ati2dblt CVE-2021-3638 rhbz1979882 qxl: qxlphys2virt unsafe address translation CVE-2022-4144 rhbz2148542 linux-user...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-1182)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2023-1182)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati2dblt routine whi...

EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2023-1161)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati2dblt routine whi...