18 matches found
TencentOS Server 3: virt and virt-devel (TSSA-2023:0110)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0110 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Azure Linux 3.0 Security Update: qemu (CVE-2022-3165)
The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3165 advisory. - An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the...
CBL Mariner 2.0 Security Update: qemu (CVE-2022-3165)
The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3165 advisory. - An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the...
CVE-2022-3165 affecting package qemu for versions less than 6.2.0-18
CVE-2022-3165 affecting package qemu for versions less than 6.2.0-18. A patched version of the package is available...
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
Oracle Linux 9 : qemu-kvm (ELSA-2023-2162)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2162 advisory. - Resolves: bz2149108 CVE-2022-4172 qemu-kvm: QEMU: ACPI ERST: memory corruption issues in readerstrecord and writeerstrecord rhel-9 - Resolves:...
AlmaLinux 9 : qemu-kvm (ALSA-2023:2162)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2162 advisory. - An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use...
Moderate: Red Hat Security Advisory: qemu-kvm security, bug fix, and enhancement update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
ALSA-2023:2162 Moderate: qemu-kvm security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. The following packages have been upgraded to a later upstream version: qemu-kvm 7.2.0...
CVE-2022-3165 affecting package qemu for versions less than 6.2.0-15
CVE-2022-3165 affecting package qemu for versions less than 6.2.0-15. A patched version of the package is available...
virt:kvm_utils security update
libvirt 5.7.0-38.el8 - qemu: Don't report spurious errors from vCPU tid validation on hotunplug timeout Shaleen Bathla Orabug: 34826758 - security: fix SELinux label generation logic Daniel P. Berrange Orabug: 34773029 CVE-2021-3631 - qemu: Set default qdisc before setting bandwidth Michal...
Oracle Linux 8 : virt:kvm_utils (ELSA-2023-12108)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12108 advisory. - security: fix SELinux label generation logic Daniel P. Berrange Orabug: 34773029 CVE-2021-3631 - hw/display/ati2d: Fix buffer overflow in ati2dblt...
qemu security update
15:4.2.1-24.el7 - Revert 'virtio-scsi: Send 'REPORTED LUNS CHANGED' sense data upon disk hotplug events' Mark Kanda Orabug: 34905939 15:4.2.1-23.el7 - hw/display/ati2d: Fix buffer overflow in ati2dblt CVE-2021-3638 Philippe Mathieu-Daude Orabug: 33930374 CVE-2021-3638 - tests/acpi: virt: update...
Ubuntu: Security Advisory (USN-5772-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5772-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2021-3682 It...
DEBIAN-CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
CVE-2022-3165
CVE-2022-3165 is an integer underflow in the QEMU VNC server (vnc_client_cut_text_ext) when handling ClientCutText in the extended format. The flaw can cause QEMU to become unresponsive/CPU-exhausted (denial of service). Multiple connected advisories document affected QEMU versions and note that ...
CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...