EUVD-2023-12391

Malicious code in bioql PyPI...

CBL Mariner 2.0 Security Update: qemu (CVE-2023-0330)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0330 advisory. - A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem May...

SUSE SLES12 Security Update : qemu (SUSE-SU-2024:1395-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1395-1 advisory. - A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlap...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : qemu (SUSE-SU-2023:4056-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4056-1 advisory. - An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This fl...

Oracle Linux 7 : qemu (ELSA-2023-12834)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12834 advisory. - virtio-crypto: verify src&dst buffer length for sym request Zhenwei Pi Orabug: 35724113 CVE-2023-3180 - hw/scsi/lsi53c895a: Fix reentrancy issues in...

Amazon Linux 2 : qemu (ALAS-2023-2191)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2191 advisory. There is a vulnerability in the lsi53c895a device which affects the latest version of qemu. The carefully designed PoC can repeatedly...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : qemu (SUSE-SU-2023:3082-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3082-1 advisory. - A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO...

SUSE SLES12 Security Update : qemu (SUSE-SU-2023:3015-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3015-1 advisory. - A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values cursor-header.width and...

Amazon Linux 2 : qemu, --advisory ALAS2-2023-2148 (ALAS-2023-2148)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2148 advisory. A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : QEMU vulnerabilities (USN-6167-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6167-1 advisory. It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. ...

QEMU < 8.0.0 Multiple Vulnerabilites (CVE-2023-0664)

A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. - A vulnerability in the lsi53c895a device affects the latest version of...

Out-of-bounds Write

qemu is vulnerable to Out-of-bounds Write. A vulnerability within the 'lsi53c895a' device causes a DMA-MMIO reentrancy problem which may result in memory corruption bugs...

EulerOS Virtualization 2.9.1 : qemu-kvm (EulerOS-SA-2023-2010)

According to the versions of the qemu-kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory...

EulerOS Virtualization 2.9.0 : qemu-kvm (EulerOS-SA-2023-2031)

According to the versions of the qemu-kvm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2023-2010)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-0330

A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free...

CVE-2023-0330

A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free...

Stack overflow

A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free...

CVE-2023-0330

A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free...

CVE-2023-0330 Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow

A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free...