29 matches found
Siemens RuggedCom Rox Use After Free (CVE-2023-3019)
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. This plugin only works with Tenable.ot. Please visit...
MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2024-7436:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7436:01 advisory. QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest CVE-2023-3019 Tenable has extracted the preceding description block directly from the...
Alibaba Cloud Linux 3 : 0021: virt:rhel and virt-devel:rhel (ALINUX3-SA-2024:0021)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3750: A DMA reentrancy issue was...
RLSA-2024:0135 Moderate: virt:rhel and virt-devel:rhel security update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
[SECURITY] [DLA 4144-1] qemu security update
Debian LTS Advisory DLA-4144-1 [email protected] https://www.debian.org/lts/security/ Santiago Ruano Rincón April 30, 2025 https://wiki.debian.org/LTS Package : qemu Version : 1:5.2+dfsg-11+deb11u4 CVE ID : CVE-2023-1544 CVE-2023-3019 CVE-2023-5088 CVE-2023-6693 CVE-2024-3447 Debian Bug...
CVE-2023-3019 affecting package qemu for versions less than 6.2.0-23
CVE-2023-3019 affecting package qemu for versions less than 6.2.0-23. A patched version of the package is available...
Advisory ROSA-SA-2025-2814
Software: qemu-kvm 6.2.0 OS: ROSA Virtualization 3.0 packageevrstring: qemu-kvm-6.2.0-53.rv30.2 CVE-ID: CVE-2021-3750 BDU-ID: 2024-04421 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the QEMU hardware emulator is related to a lack of checks to see if the buffer pointer overlaps with the MMIO...
Linux Distros Unpatched Vulnerability : CVE-2023-3019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to...
Mageia: Security Advisory (MGASA-2024-0387)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7094-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12791)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12791 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12604)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12604 advisory. - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves: rhbz2045718 - Contains fix for NBD Protocol Downgrade Attack CVE-2019-14842. -...
virt:ol and virt-devel:rhel security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt 8.0.0-23.1.0.1 - Set SOURCEDATEEPOCH from changelog Orabug: 32019554 - Add runtime deps for pkg librbd1 = 1:10.2.5 Keshav Sharma 8.0.0-23.1.el8 - remote: check for negative array lengths before allocation CVE-2024-2494...
Oracle Linux 9 : qemu-kvm (ELSA-2024-2135)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2135 advisory. - Resolves: RHEL-19629 CVE-2023-6683 qemu-kvm: QEMU: VNC: NULL pointer dereference in qemuclipboardrequest rhel-9 - Resolves: RHEL-2828 CVE-2023-42467...
openSUSE Security Advisory (SUSE-SU-2024:1438-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for qemu (SUSE-SU-2024:1394-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:1394-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2023-3019: Fixed heap use-after-free in e1000ewritepackettoguest bsc1213269 - CVE-2023-6683: Fixed NULL pointer dereference in qemuclipboardrequest bsc1218889 - CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI comman...
virt:kvm_utils3 security update
hivex libguestfs libguestfs-winsupport 8.9-1 - Rebase to ntfs-3g 2022.10.3 - Fixes: CVE-2022-40284 - resolves: rhbz2236372 libiscsi libnbd libtpms libvirt 9.0.0-5 - Fix off-by-one error in udevListInterfacesByStatus Martin Kletzander Orabug: 36364464 CVE-2024-1441 libvirt-dbus libvirt-python...
Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security update
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
virt:ol and virt-devel:rhel security update
hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.2.0-40.el89.2 - Resolves: RHEL-7309 CVE-2023-3019 virt:rhel/qemu-kvm: QEMU: e1000e: heap use-after-free in e1000ewritepackettoguest rhel-8 seabios sgabios...