RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:0569)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0569 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...

SUSE CVE-2020-27661

A divide-by-zero issue was found in dwc2handlepacket in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service...

CVE-2020-14394

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block TRB Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service...

GLSA-202208-27 : QEMU: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-27 QEMU: Multiple Vulnerabilities - QEMU 4.2.0 has a use-after-free in hw/net/e1000ecore.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address. CVE-2020-15859 -...

EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2022-2213)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the...

CVE-2021-3750

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions such as reset whi...

CVE-2021-3750

CVE-2021-3750 is a DMA reentrancy issue in QEMU’s USB EHCI controller emulation. EHCI may write to its own registers if a Buffer Pointer overlaps the MMIO region during a transfer, enabling a use-after-free that could crash the host QEMU process or, potentially, allow arbitrary code execution. Af...

CVE-2021-3750

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions such as reset whi...

UBUNTU-CVE-2021-3929

A DMA reentrancy issue was found in the NVM Express Controller NVME emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvmectrlreset, data structs will be freed leading to a use-after-free issue. A malicious guest could...

Oracle Linux 8 : kvm_utils (ELSA-2021-9568)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9568 advisory. - In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. CVE-2020-15469 - A flaw was foun...

UBUNTU-CVE-2021-3409

The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest to crash the QEMU process on the host, resultin...

CVE-2021-3409

CVE-2021-3409 affects QEMU up to 5.2.0 and stems from an ineffective patch for CVE-2020-17380/CVE-2020-25085, leading to a heap/buffer overflow in the SDHCI controller emulation. Astra Linux reports these issues as a heap-based overflow triggered by a mis-handled write in the SDHC_BLKSIZE path of...

SUSE SLES12 Security Update : qemu (SUSE-SU-2020:1514-1)

This update for qemu fixes the following issues : Security issues fixed : CVE-2020-1711: Fixed a potential OOB access in the iSCSI client code bsc1166240. CVE-2019-12068: Fixed a potential DoS in the LSI SCSI controller emulation bsc1146873. CVE-2020-1983: Fixed a use-after-free in the ipreass...

openSUSE: Security Advisory for qemu (openSUSE-SU-2019:2510-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for qemu (important)

openSUSE Security Update: Security update for qemu Announcement ID: openSUSE-SU-2019:2505-1 Rating: important References: 1119991 1146873 1152506 1155812 Cross-References: CVE-2018-12207 CVE-2018-20126 CVE-2019-11135 CVE-2019-12068 Affected Products: openSUSE Leap 15.0 An update that fixes four...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2018:3927-1)

This update for qemu fixes the following issues : Security issues fixed : CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use...

Security Bulletin: Multiple vulnerabilities in qemu affect PowerKVM

Summary PowerKVM is affected by several vulnerabilities in qemu. These vulnerabilities have been addressed by IBM. Vulnerability Details CVEID: CVE-2016-5338 DESCRIPTION: Qemu, built with the ESP/NCR53C9x controller emulation support, is vulnerable to a denial of service, caused by an out of boun...

Ubuntu: Security Advisory (USN-3414-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3268-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-10028 It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker...

DEBIAN-CVE-2016-2198

QEMU aka Quick Emulator built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting ...