Lucene search
K

118 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Qemu

A reentrancy issue related to DMA was discovered in the Tulip device emulation in QEMU. When Tulip reads from or writes to the rx/tx descriptor, or copies a rx/tx frame, it does not check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers...

7.8CVSS6.9AI score0.00411EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.18 views

Astra Linux – Vulnerability in Qemu

A double-free vulnerability was identified in QEMU virtio devices virtio-gpu, virtio-serial-bus, virtio-crypto. The memreentrancyguard flag does not provide sufficient protection against reentrancy issues related to DMA operations. This vulnerability could allow a malicious privileged guest user ...

8.2CVSS7.7AI score0.00278EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Qemu

A reentrancy issue related to DMA was discovered in the USB EHCI controller emulation of QEMU. EHCI does not verify whether the Buffer Pointer overlaps with its MMIO region when transferring USB packets. Crafted content may be written to the controller’s registers, potentially triggering...

8.2CVSS7AI score0.0053EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2024-8876:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8876:01 advisory. QEMU: virtio: DMA reentrancy issue leads to double free vulnerability CVE-2024-3446 QEMU: Denial of Service via Improper Synchronization in QEMU NBD...

8.2CVSS5.6AI score0.01027EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : qemu-kvm-8.0.0-16.el9.1.ML.1 (AXSA:2023-7001:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7001:07 advisory. QEMU: hcd-ehci: DMA reentrancy issue incomplete fix for CVE-2021-3750 CVE-2023-2680 Tenable has extracted the preceding description block directly from the...

8.2CVSS5.6AI score0.0053EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : qemu-kvm-7.0.0-13.el9 (AXSA:2023-4972:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4972:01 advisory. QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free CVE-2021-3750 QEMU: fdc: heap buffer overflow in DMA read data transfers CVE-2021-3507...

8.2CVSS7.3AI score0.0053EPSS
Exploits4References5
OSV
OSV
added 2025/10/09 2:54 p.m.6 views

CLSA-2025-1760021660 qemu-kvm: Fix of 3 CVEs

CVE-2021-3750: fix for DMA reentrancy use-after-free - CVE-2023-2680: final fix for CVE-2021-3750 - CVE-2023-0330: fix reentrancy in LSI53c895a SCSI controller...

8.2CVSS6.7AI score0.0053EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-27145

Malware in sbrugna...

8.2CVSS7.8AI score0.00643EPSS
Exploits2References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-32033

Malicious code in bioql PyPI...

8.2CVSS7.7AI score0.00278EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-35183

Malicious code in bioql PyPI...

7.8CVSS6.8AI score0.00411EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-43711

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00318EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/04/18 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: qemu (CVE-2023-3019)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3019 advisory. - A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. Th...

6.5CVSS6.7AI score0.00318EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/04/12 7:0 a.m.5 views

Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow

...

6CVSS6.7AI score0.00269EPSS
Exploits0
OSV
OSV
added 2024/12/04 4:58 p.m.24 views

MGASA-2024-0387 Updated qemu packages fix security vulnerabilities

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

8.8CVSS7AI score0.01891EPSS
Exploits3References7
Mageia
Mageia
added 2024/12/04 4:58 p.m.35 views

Updated qemu packages fix security vulnerabilities

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

8.8CVSS7.9AI score0.01891EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2024/11/12 9:14 a.m.5 views

QEMU: virtio: DMA reentrancy issue leads to double free vulnerability

A double free vulnerability was found in QEMU virtio devices virtio-gpu, virtio-serial-bus, virtio-crypto, where the memreentrancyguard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host,...

8.2CVSS7.6AI score0.00278EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2024/11/12 12:0 a.m.18 views

Moderate: qemu-kvm security update

Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: QEMU: SR-IOV: improper validation of NumVFs leads to buffer overflow...

8.2CVSS7AI score0.01027EPSS
Exploits0References8
OSV
OSV
added 2024/11/08 1:42 a.m.3 views

USN-7094-1 qemu vulnerabilities

It was discovered that QEMU incorrectly handled memory during certain VNC operations. A remote attacker could possibly use this issue to cause QEMU to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2019-20382 It was discovered that QEMU...

7.8CVSS7.4AI score0.03566EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2024/09/25 12:0 a.m.16 views

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2024:6964)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:6964 advisory. QEMU: virtio: DMA reentrancy issue leads to double free vulnerability CVE-2024-3446 QEMU: Denial of Service via Improper Synchronization in QEMU NBD Serve...

8.2CVSS7.5AI score0.01027EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/09/24 3:34 a.m.5 views

QEMU: virtio: DMA reentrancy issue leads to double free vulnerability

A double free vulnerability was found in QEMU virtio devices virtio-gpu, virtio-serial-bus, virtio-crypto, where the memreentrancyguard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host,...

8.2CVSS7.6AI score0.00278EPSS
Exploits0References5
Rows per page
Query Builder