8 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-36648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu an...
Azure Linux 3.0 Security Update: qemu (CVE-2022-36648)
The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-36648 advisory. - The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier,...
CBL Mariner 2.0 Security Update: qemu (CVE-2022-36648)
The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-36648 advisory. - The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier,...
CVE-2022-36648
A NULL pointer dereference bug was found in the rocker device emulated ethernet switch of QEMU. The rockertlvparsenested function could return early because of no group ids in the grouptlvs array. In such case, the tlvs pointer is NULL and tlvsi + 1 in the next for-loop iteration ends up...
CVE-2022-36648
The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third...
AZL-28069 CVE-2022-36648 affecting package qemu for versions less than 6.2.0-17
The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third...
CVE-2022-36648
The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third...
CVE-2022-36648
The CVE-2022-36648 entry concerns QEMU’s rocker device model, specifically the of_dpa_cmd_add_l2_flood path, in versions 7.0.0 and earlier. The vulnerability is described as allowing remote attackers to crash the host QEMU and potentially execute code on the host by executing a malformed program ...