Lucene search
K

35 matches found

Oracle linux
Oracle linux
added 2026/02/16 12:0 a.m.48 views

virt:ol and virt-devel:ol security update

qemu-kvm 4.2.0-59.el85.2 - kvm-virtiofsd-Drop-membership-of-all-supplementary-group.patch bz2048627 - Resolves: bz2048627 CVE-2022-0358 virt:rhel/qemu-kvm: QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405 rhel-8.5.0.z...

7.8CVSS6.4AI score0.0101EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.3 views

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2022-3122:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3122:01 advisory. QEMU: virtiofsd: potential privilege escalation via CVE-2018-13405 CVE-2022-0358 Tenable has extracted the preceding description block directly from the...

7.8CVSS6.5AI score0.0101EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0022: virt:rhel and virt-devel:rhel (ALINUX3-SA-2022:0022)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0022 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-0358: RESERVED This candidate has been...

7.8CVSS7.3AI score0.00332EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-0358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user c...

7.8CVSS6.3AI score0.0101EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.12 views

Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2022-0358)

The version of qemu / qemu-kvm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0358 advisory. - A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw...

7.8CVSS6.4AI score0.0101EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.15 views

Fedora 36 : qemu (2022-d73cfd3a36)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-d73cfd3a36 advisory. Automatic update for qemu-6.2.0-4.fc36.1. Changelog Wed Feb 9 2022 Eduardo Lima Etrunko - 2:6.2.0-4 - virtiofsd: Drop membership of all supplementar...

7.8CVSS6.6AI score0.0101EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/08/06 12:0 a.m.23 views

CBL Mariner 2.0 Security Update: qemu / qemu-kvm (CVE-2022-0358)

The version of qemu / qemu-kvm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0358 advisory. - A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw...

7.8CVSS6.4AI score0.0101EPSS
Exploits2References2
CBLMariner
CBLMariner
added 2024/03/19 5:21 p.m.28 views

CVE-2022-0358 affecting package qemu for versions less than 6.2.0-18

CVE-2022-0358 affecting package qemu for versions less than 6.2.0-18. A patched version of the package is available...

7.8CVSS7.9AI score0.00332EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.33 views

CentOS 9 : qemu-kvm-6.2.0-7.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the qemu-kvm-6.2.0-7.el9 build changelog. - The inodeinitowner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group...

7.8CVSS6.5AI score0.0101EPSS
Exploits2References3
CBLMariner
CBLMariner
added 2023/01/12 8:55 p.m.22 views

CVE-2022-0358 affecting package qemu-kvm 4.2.0-41

CVE-2022-0358 affecting package qemu-kvm 4.2.0-41. A patched version of the package is available...

7.8CVSS7.5AI score0.00332EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.35 views

Amazon Linux 2022 : qemu, qemu-audio-alsa, qemu-audio-oss (ALAS2022-2022-050)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-050 advisory. A vulnerability was found in the fs/inode.c:inodeinitowner function logic of the LInux kernel that allows local users to create files with an unintended group ownership and with group execution...

7.8CVSS6.6AI score0.0101EPSS
Exploits2References5
NVD
NVD
added 2022/08/29 3:15 p.m.37 views

CVE-2022-0358

A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certa...

7.8CVSS0.00332EPSS
Exploits0References4
OSV
OSV
added 2022/08/29 3:15 p.m.5 views

AZL-10763 CVE-2022-0358 affecting package qemu for versions less than 6.2.0-5

A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certa...

7.8CVSS7.1AI score0.00332EPSS
Exploits0References1
CVE
CVE
added 2022/08/29 12:0 a.m.321 views

CVE-2022-0358

CVE-2022-0358 pertains to the QEMU virtio-fs daemon (virtiofsd) and describes a local-privilege issue tied to an existing CVE-2018-13405 scenario. A local guest user can create files in directories shared by virtio-fs that are SGID-writable and belong to a specific group, causing files to acquire...

7.8CVSS6.7AI score0.00332EPSS
Exploits0References4Affected Software1
CBLMariner
CBLMariner
added 2022/07/22 5:3 p.m.17 views

CVE-2022-0358 affecting package qemu for versions less than 6.2.0-5

CVE-2022-0358 affecting package qemu for versions less than 6.2.0-5. A patched version of the package is available...

7.8CVSS7.9AI score0.00332EPSS
Exploits0
OSV
OSV
added 2022/07/22 11:4 a.m.4 views

OESA-2022-1772 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to crash the QEMU process on the host, resulting in ...

7.8CVSS6.5AI score0.00375EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/06/22 12:0 a.m.35 views

Ubuntu: Security Advisory (USN-5489-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.9AI score0.02701EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2022/05/10 12:0 a.m.233 views

Debian DSA-5133-1 : qemu - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5133 advisory. Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service or the execution of arbitrary code. For the...

8.2CVSS6.9AI score0.02701EPSS
Exploits2References13
Debian
Debian
added 2022/05/09 8:44 p.m.62 views

[SECURITY] [DSA 5133-1] qemu security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5133-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 09, 2022 https://www.debian.org/security/faq -...

8.2CVSS7.2AI score0.02701EPSS
Exploits2
OpenVAS
OpenVAS
added 2022/03/23 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:0930-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.00338EPSS
Exploits0References2
Rows per page
Query Builder