Lucene search
+L

19 matches found

nessus
nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 7 : qemu-kvm-1.5.3-175.el7.3 (AXSA:2021-1371:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1371:01 advisory. QEMU: loader: OOB access while loading registered ROM may lead to code execution CVE-2020-13765 QEMU: reachable assertion failure in...

6.8CVSS7.9AI score0.02409EPSS
Exploits0References3
nessus
nessus
added 2025/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2020-13765

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory...

6.8CVSS6.8AI score0.02409EPSS
Exploits0References2
openvas
openvas
added 2024/11/11 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-7094-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.03566EPSS
Exploits1References3
susecve
susecve
added 2023/02/15 3:58 a.m.3 views

SUSE CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

7.2CVSS6.9AI score0.02409EPSS
Exploits0References15
openvas
openvas
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2021:14704-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7AI score0.07393EPSS
Exploits3References17
openvas
openvas
added 2021/04/26 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2021:1305-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.05447EPSS
Exploits4References25
nessus
nessus
added 2021/03/20 12:0 a.m.64 views

Amazon Linux AMI : qemu-kvm (ALAS-2021-1488)

The version of qemu-kvm installed on the remote host is prior to 1.5.3-156.26. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1488 advisory. An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the...

6.8CVSS7AI score0.02409EPSS
Exploits0References5
nessus
nessus
added 2021/03/19 12:0 a.m.44 views

Amazon Linux 2 : qemu (ALAS-2021-1617)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1617 advisory. An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the romcopy...

6.8CVSS7AI score0.02409EPSS
Exploits0References5
openvas
openvas
added 2021/03/05 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2021-1455)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.4AI score0.05447EPSS
Exploits3References2
openvas
openvas
added 2021/02/04 12:0 a.m.23 views

CentOS: Security Advisory for qemu-img (CESA-2021:0347)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.8CVSS5.8AI score0.02409EPSS
Exploits0References2
oraclelinux
oraclelinux
added 2021/02/03 12:0 a.m.71 views

qemu-kvm security and bug fix update

1.5.3-175.el79.3 - kvm-Suppress-prototype-warning-for-nss-headers.patch bz1884997 - Resolves: bz1884997 qemu-kvm FTBFS on rhel7.9 1.5.3-175.el79.2 - kvm-hw-net-vmxnettxpkt-fix-assertion-failure-in-vmxnet.patch bz1860960 - kvm-hw-core-loader-Fix-possible-crash-in-romcopy.patch bz1842923 - Resolves...

6.8CVSS1.4AI score0.02409EPSS
Exploits0
nessus
nessus
added 2021/02/03 12:0 a.m.56 views

RHEL 7 : qemu-kvm (RHSA-2021:0347)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0347 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...

6.8CVSS7.4AI score0.02409EPSS
Exploits0References8
redhat
redhat
added 2021/02/02 12:6 p.m.57 views

Moderate: Red Hat Security Advisory: qemu-kvm security and bug fix update

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

6.8CVSS7.1AI score0.02409EPSS
Exploits0References4
ubuntu
ubuntu
added 2020/08/19 5:1 p.m.84 views

USN-4467-1: QEMU vulnerabilities

Ziming Zhang and VictorV discovered that the QEMU SLiRP networking implementation incorrectly handled replying to certain ICMP echo requests. An attacker inside a guest could possibly use this issue to leak host memory to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS...

6.8CVSS6.8AI score0.02409EPSS
Exploits0
debian
debian
added 2020/06/29 8:49 p.m.65 views

[SECURITY] [DLA 2262-1] qemu security update

Package : qemu Version : 1:2.1+dfsg-12+deb8u15 CVE ID : CVE-2020-1983 CVE-2020-13361 CVE-2020-13362 CVE-2020-13765 Debian Bug : Several vulnerabilities were fixed in qemu, a fast processor emulator. CVE-2020-1983 slirp: Fix use-after-free in ipreass. CVE-2020-13361 es1370transferaudio in...

7.5CVSS7.5AI score0.02409EPSS
Exploits1
osv
osv
added 2020/06/04 4:15 p.m.34 views

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

5.6CVSS6.9AI score
Exploits0References7
cve
cve
added 2020/06/04 3:26 p.m.227 views

CVE-2020-13765

CVE-2020-13765 affects QEMU 4.0 and 4.1.0, where rom_copy() in hw/core/loader.c does not validate the relationship between two addresses, enabling an out-of-bounds memory copy and potentially code execution. Public advisories (e.g., Oracle Linux ELSA entries and MiracleLinux AXSA-2021-1371) indic...

6.8CVSS5.7AI score0.02409EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2020/06/04 3:26 p.m.26 views

CVE-2020-13765

romcopy in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation...

6.2AI score0.02409EPSS
Exploits0References7
redhatcve
redhatcve
added 2020/06/03 7:21 p.m.40 views

CVE-2020-13765

An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the romcopy routine while loading the contents of a 32-bit -kernel image into memory. Running an untrusted -kernel image may load contents at arbitrary memory locations, potentially...

6.8CVSS6.1AI score0.02409EPSS
Exploits0References3
Rows per page
Query Builder