Lucene search
K

23 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 4: qemu (TSSA-2024:0870)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0870 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: qemu (CVE-2023-2861)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2861 advisory. - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/13 12:0 a.m.12 views

Azure Linux 3.0 Security Update: qemu (CVE-2023-2861)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2861 advisory. - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/04/11 6:10 p.m.9 views

CVE-2023-2861 affecting package qemu for versions less than 6.2.0-22

CVE-2023-2861 affecting package qemu for versions less than 6.2.0-22. A patched version of the package is available...

7.1CVSS6.9AI score0.00376EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-2861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side,...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/28 12:0 a.m.20 views

openSUSE: Security Advisory for qemu (SUSE-SU-2024:2977-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.00376EPSS
Exploits0References2
OSV
OSV
added 2024/08/20 8:8 a.m.18 views

SUSE-SU-2024:2977-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2023-2861: Fixed improper access control on special files via 9p protocol bsc1212968 - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command bsc1227322 Other fixes: - Fixed qemu build compilation with binutils...

7.8CVSS7.1AI score0.00376EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.39 views

Ubuntu: Security Advisory (USN-6567-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6AI score0.01891EPSS
Exploits3References3
Ubuntu
Ubuntu
added 2024/06/06 12:29 p.m.295 views

USN-6567-2: QEMU regression

USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the...

7.1AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.37 views

EulerOS Virtualization 3.0.6.6 : qemu (EulerOS-SA-2024-1671)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/03/19 5:21 p.m.22 views

CVE-2023-2861 affecting package qemu for versions less than 8.2.0-1

CVE-2023-2861 affecting package qemu for versions less than 8.2.0-1. An upgraded version of the package is available that resolves this issue...

7.1CVSS7.4AI score0.00376EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.27 views

EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2023-2973)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...

7.5CVSS6.4AI score0.01606EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/12/06 7:15 a.m.2 views

CVE-2023-2861

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References6
OSV
OSV
added 2023/12/06 7:15 a.m.7 views

AZL-35167 CVE-2023-2861 affecting package qemu for versions less than 8.2.0-1

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/06 6:19 a.m.38 views

CVE-2023-2861 Qemu: 9pfs: improper access control on special files

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

6CVSS7.3AI score0.00376EPSS
Exploits0References5
CVE
CVE
added 2023/12/06 6:19 a.m.185 views

CVE-2023-2861

The CVE-2023-2861 issue affects QEMU’s 9pfs (9p passthrough filesystem) where the server allowed opening host-side special files, potentially enabling a malicious client to escape the exported 9p tree by creating/opening a device file in the shared folder. Affected are QEMU implementations in var...

7.1CVSS6.5AI score0.00376EPSS
Exploits0References5Affected Software1
OpenVAS
OpenVAS
added 2023/10/31 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-3064)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.01891EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/10/13 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2999)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01606EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/10/13 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2973)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01606EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/09/28 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2023:3800-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8AI score0.01606EPSS
Exploits3References13
Rows per page
Query Builder