25 matches found
virt:ol and virt-devel:ol security update
qemu-kvm 4.2.0-59.el85 - kvm-hw-scsi-scsi-disk-MODEPAGEALLS-not-allowed-in-MODE.patch bz2025605 - kvm-e1000-fix-tx-re-entrancy-problem.patch bz2025011 - Resolves: bz2025605 CVE-2021-3930 virt:rhel/qemu-kvm: QEMU: off-by-one error in modesensepage in hw/scsi/scsi-disk.c rhel-8.5.0.z - Resolves:...
Linux Distros Unpatched Vulnerability : CVE-2021-3930
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in modesensepage if the 'page' argument...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:5238)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5238 advisory. - An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if...
Ubuntu: Security Advisory (USN-5772-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5772-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2021-3682 It...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2533)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3930 affecting package qemu for versions less than 6.2.0-2
CVE-2021-3930 affecting package qemu for versions less than 6.2.0-2. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-1598)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3930 affecting package qemu-kvm 4.2.0-48
CVE-2021-3930 affecting package qemu-kvm 4.2.0-48. A patched version of the package is available...
[SECURITY] [DLA 2970-1] qemu security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2970-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 04, 2022 https://wiki.debian.org/LTS -...
SUSE: Security Advisory (SUSE-SU-2022:0930-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for qemu (openSUSE-SU-2022:0930-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Ubuntu: Security Advisory (USN-5307-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5307-1: QEMU vulnerabilities
Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2021-20196 Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. A...
AZL-8671 CVE-2021-3930 affecting package qemu for versions less than 6.2.0-2
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in modesensepage if the 'page' argument was set to MODEPAGEALLS 0x3f. A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service conditio...
CVE-2021-3930
CVE-2021-3930 concerns an off-by-one error in the SCSI device emulation of QEMU during MODE SELECT handling in mode_sense_page() when page is MODE_PAGE_ALLS (0x3f). The vulnerability can allow a malicious guest to crash QEMU, causing a denial of service. Affected software is QEMU (various release...
Low: Red Hat Security Advisory: virt:av and virt-devel:av security and bug fix update
An update for the virt:av and virt-devel:av modules is now available for Red Hat Enterprise Linux Advanced Virtualization 8.5. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:5238)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:5238 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
Low: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
ALSA-2021:5238 Low: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...