Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.12 views

Alibaba Cloud Linux 3 : 0021: virt:rhel and virt-devel:rhel (ALINUX3-SA-2024:0021)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3750: A DMA reentrancy issue was...

8.2CVSS7.1AI score0.0053EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/04/18 12:0 a.m.11 views

Azure Linux 3.0 Security Update: qemu (CVE-2023-3301)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3301 advisory. - A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend i...

5.6CVSS6.5AI score0.00251EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/18 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: qemu (CVE-2023-3301)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3301 advisory. - A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend i...

5.6CVSS6.5AI score0.00251EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/04/17 3:8 p.m.9 views

CVE-2023-3301 affecting package qemu for versions less than 6.2.0-23

CVE-2023-3301 affecting package qemu for versions less than 6.2.0-23. A patched version of the package is available...

5.6CVSS6.9AI score0.00251EPSS
Exploits0
Rosalinux
Rosalinux
added 2025/04/11 9:55 p.m.25 views

Advisory ROSA-SA-2025-2814

Software: qemu-kvm 6.2.0 OS: ROSA Virtualization 3.0 packageevrstring: qemu-kvm-6.2.0-53.rv30.2 CVE-ID: CVE-2021-3750 BDU-ID: 2024-04421 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the QEMU hardware emulator is related to a lack of checks to see if the buffer pointer overlaps with the MMIO...

8.2CVSS8.6AI score0.01891EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-3301

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has...

5.6CVSS6.3AI score0.00251EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2025/01/28 6:56 p.m.24 views

Advisory ROSA-SA-2025-2641

Software: qemu 7.2.7 OS: ROSA-CHROME packageevrstring: qemu-7.2.7-1 CVE-ID: CVE-2023-3301 BDU-ID: 2024-04418 CVE-Crit: LOW CVE-DESC.: A vulnerability in the virtio-net interface of the QEMU hardware emulator is related to the asynchronous nature of the shutdown allowing a race scenario...

7.8CVSS8.8AI score0.01891EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/06/07 12:0 a.m.39 views

Ubuntu: Security Advisory (USN-6567-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6AI score0.01891EPSS
Exploits3References3
Ubuntu
Ubuntu
added 2024/06/06 12:29 p.m.295 views

USN-6567-2: QEMU regression

USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the...

7.1AI score
Exploits0References1
CBLMariner
CBLMariner
added 2024/03/19 5:21 p.m.16 views

CVE-2023-3301 affecting package qemu for versions less than 8.2.0-1

CVE-2023-3301 affecting package qemu for versions less than 8.2.0-1. An upgraded version of the package is available that resolves this issue...

5.6CVSS6.3AI score0.00251EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.30 views

EulerOS Virtualization 2.11.1 : qemu (EulerOS-SA-2023-3371)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the...

5.6CVSS6.5AI score0.00251EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/11/14 4:6 p.m.75 views

Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS6.7AI score0.0053EPSS
Exploits1References16
Tenable Nessus
Tenable Nessus
added 2023/10/07 12:0 a.m.328 views

Oracle Linux 8 : kvm_utils3 (ELSA-2023-12855)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12855 advisory. - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' Peter Krempa Orabug: 35644221 CVE-2023-3750 - virpci: Resolve leak in...

7.5CVSS6.9AI score0.01891EPSS
Exploits0References8
Oracle linux
Oracle linux
added 2023/09/22 12:0 a.m.57 views

qemu security update

15:4.2.1-28.el7 - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in the LSI controller CVE-2023-0330 Thomas Huth Orabug: 35724112 CVE-2023-0330 - kvm: Atomic memslot updates David Hildenbrand Orabug...

6.5CVSS7.3AI score0.00269EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/22 12:0 a.m.39 views

Oracle Linux 7 : qemu (ELSA-2023-12835)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12835 advisory. - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in...

6.5CVSS7AI score0.00269EPSS
Exploits0References4
OSV
OSV
added 2023/09/13 5:15 p.m.4 views

BELL-CVE-2023-3301

Bulletin has no description...

5.6CVSS6.3AI score0.00251EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/09/13 5:15 p.m.28 views

CVE-2023-3301

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service...

5.6CVSS6.6AI score0.00251EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/09/13 4:9 p.m.10 views

CVE-2023-3301 Triggerable assertion due to race condition in hot-unplug

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service...

5.6CVSS6.4AI score0.00251EPSS
Exploits0References3
CVE
CVE
added 2023/09/13 4:9 p.m.409 views

CVE-2023-3301

CVE-2023-3301 describes a race condition in QEMU’s hot-unplug of virtio-net NICs where the net device backend can be cleared before the PCI frontend is unplugged, enabling a malicious guest to trigger an assertion and cause a denial of service. Public documents confirm a vulnerability in QEMU wit...

5.6CVSS5.9AI score0.00251EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/08/09 12:0 a.m.49 views

SUSE SLED15: qemu / qemu-SLOF / qemu-accel-qtest / qemu-accel-tcg-x86 / qemu-arm / etc (SUSE-SU-2023:3234-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3234-1 advisory. - CVE-2023-2861: Fixed improper access control on special files in 9pfs bsc1212968. -...

7.1CVSS6.7AI score0.01891EPSS
Exploits0References10
Rows per page
Query Builder