21 matches found
CVE-2022-0216 affecting package qemu-kvm 4.2.0-48
CVE-2022-0216 affecting package qemu-kvm 4.2.0-48. No patch is available currently...
SUSE: Security Advisory (SUSE-SU-2024:1395-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:1395-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free bsc1190011 - CVE-2022-0216: Fixed use-after-free in lsidomsgout function in hw/scsi/lsi53c895a.c bsc1198038 - CVE-2023-0330: Fixed DMA reentrancy issue that could lead to...
SUSE: Security Advisory (SUSE-SU-2023:2358-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0761-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:0840-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2022-4144: Fixed unsafe address translation can lead to out-of-bounds read in qxlphys2virt bsc1205808. - CVE-2021-3507: Fixed heap buffer overflow in DMA read data transfers in fdc bsc1185000. - CVE-2020-14394: Fixed infinite loop in...
Debian: Security Advisory (DLA-3362-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2022-2925)
According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Blo...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2925)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2951)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5772-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5772-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2021-3682 It...
Oracle Linux 8 : kvm_utils (ELSA-2022-9986)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9986 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 Tenable has extracted the preceding description block directly from the Oracl...
SUSE: Security Advisory (SUSE-SU-2022:3660-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:3660-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2022-0216: Fixed a use after free issue found in hw/scsi/lsi53c895a.c. bsc1198038 - CVE-2022-35414: Fixed an uninitialized read during address translation that leads to a crash. bsc1201367...
SUSE: Security Advisory (SUSE-SU-2022:3594-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : kvm_utils2 (ELSA-2022-9862)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9862 advisory. - A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated message...
Oracle Linux 9 : qemu-kvm (ELSA-2022-9869)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9869 advisory. - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the allocation of a small...
OESA-2022-1907 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including one or several processors and various peripherals. It can be used to launch...
CVE-2022-0216
CVE-2022-0216 is a use-after-free vulnerability in the LSI53C895A SCSI HBA emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via lsi_do_msgout, enabling a privileged guest user to crash the QEMU host process and cause a denial of service. Con...