Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: HID: bigbenff: prevent null pointer dereference When emulating the device through UHID, there is a possibility that we do not have output reports, and as a result, reportfield is set to null...

UBUNTU-CVE-2025-40265

In the Linux kernel, the following vulnerability has been resolved: vfat: fix missing sbminblocksize return value checks When emulating an nvme device on qemu with both logicalblocksize and physicalblocksize set to 8 KiB, but without format, a kernel panic was triggered during the early boot stag...

EUVD-2021-27146

Malware in sbrugna...

EUVD-2019-15184

Malware in sbrugna...

EUVD-2021-9213

Malicious code in bioql PyPI...

Introducing DataTrap: A Smarter, More Adaptive Honeypot Framework

Today, we're excited to release DataTrap, a powerful, extensible honeypot system built to simulate realistic web applications, IoT devices, and database behavior across HTTP, HTTPS, SSH, and database protocols e.g., MySQL. What sets DataTrap apart? It goes beyond static honeypots by combining...

Vasion Print 安全漏洞

Vasion Print is a SaaS-based, cloud-hosted application from Vasion for managing and deploying printers. Vasion Print has a security vulnerability that stems from a device emulation issue...

Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2022-2962)

The version of qemu / qemu-kvm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2962 advisory. - A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or writes t...

OESA-2024-1313 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on th...

CVE-2022-23087 Bhyve e82545 device emulation out-of-bounds write

The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload "TSO". The e1000 device model uses an on-stack buffer to generat...

kernel: out-of-bounds write in hw_atl_utils_fw_rpc_wait() in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c

An out-of-bounds write flaw was found in the Linux kernel’s Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this...

NewStart CGSL MAIN 6.06 : qemu Multiple Vulnerabilities (NS-SA-2023-0132)

The remote NewStart CGSL host, running version MAIN 6.06, has qemu packages installed that are affected by multiple vulnerabilities: - In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 fixed, when executing script in...

Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:5238)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:5238 advisory. - An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if...

Oracle Linux 7 : qemu (ELSA-2021-9638)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9638 advisory. - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packe...

AZL-35162 CVE-2022-36648 affecting package qemu for versions less than 6.2.0-18

The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third...

CVE-2022-36648

The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2446)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2025-54137

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc6+ Description The Linux kernel contains a flaw within the vduse module. Specifically, the vduse vdpa set vq affinity callback function may be invoked with a NULL value as the cpu mask when a vduse device...

EulerOS Virtualization 2.11.1 : qemu (EulerOS-SA-2023-2082)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Bloc...

EulerOS Virtualization 2.9.1 : qemu-kvm (EulerOS-SA-2023-1651)

According to the versions of the qemu-kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Regist...