23 matches found
TencentOS Server 4: qemu (TSSA-2024:0870)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0870 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CBL Mariner 2.0 Security Update: qemu (CVE-2023-2861)
The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2861 advisory. - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit...
Azure Linux 3.0 Security Update: qemu (CVE-2023-2861)
The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2861 advisory. - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit...
CVE-2023-2861 affecting package qemu for versions less than 6.2.0-22
CVE-2023-2861 affecting package qemu for versions less than 6.2.0-22. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2023-2861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side,...
openSUSE: Security Advisory for qemu (SUSE-SU-2024:2977-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:2977-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2023-2861: Fixed improper access control on special files via 9p protocol bsc1212968 - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command bsc1227322 Other fixes: - Fixed qemu build compilation with binutils...
Ubuntu: Security Advisory (USN-6567-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6567-2: QEMU regression
USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the...
EulerOS Virtualization 3.0.6.6 : qemu (EulerOS-SA-2024-1671)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...
CVE-2023-2861 affecting package qemu for versions less than 8.2.0-1
CVE-2023-2861 affecting package qemu for versions less than 8.2.0-1. An upgraded version of the package is available that resolves this issue...
EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2023-2973)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...
CVE-2023-2861
A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...
AZL-35167 CVE-2023-2861 affecting package qemu for versions less than 8.2.0-1
A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...
CVE-2023-2861 Qemu: 9pfs: improper access control on special files
A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...
CVE-2023-2861
The CVE-2023-2861 issue affects QEMU’s 9pfs (9p passthrough filesystem) where the server allowed opening host-side special files, potentially enabling a malicious client to escape the exported 9p tree by creating/opening a device file in the shared folder. Affected are QEMU implementations in var...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-3064)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2999)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2973)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:3800-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...