Astra Linux – Vulnerability in Qemu

A reachable assertion issue was detected in the USB EHCI emulation code of QEMU. This issue can occur during the processing of USB requests due to a faulty handling of the DMA memory map. A malicious privileged user within the guest environment may exploit this flaw to send invalid USB requests,...

Astra Linux - уязвимость в qemu

An integer underflow issue was discovered in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could exploit this flaw to render QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...

Astra Linux – Vulnerability in Qemu

QEMU 4.2.0 has a use-after-free issue in hw/net/e1000ecore.c, as a user of the guest OS can trigger an e1000e packet with the data’s address set to the e1000e’s MMIO address...

QEMU 安全漏洞

QEMU Quick Emulator is a simulation software for processors developed by Fabrice Bellard from France. This software features high speed and cross-platform capabilities. QEMU has a security vulnerability, which stems from the lack of length restrictions on the virtio-crypto device. This...

MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2021-2165:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2165:01 advisory. libvirt: double free in qemuAgentGetInterfaces in qemuagent.c CVE-2020- 25637 QEMU: heap buffer overflow in msixtablemmiowrite in hw/pci/msix.c...

The vulnerability of the Guest Agent Service emulation software for hardware infrastructure provided by QEMU allows a hacker to elevate their privileges within the system.

The vulnerability of the Guest Agent Service emulation software for hardware devices based on QEMU is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges within the system...

DEBIAN-CVE-2024-8354

A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition...

The vulnerability of the web server of the FANUC Robotics Virtual Robot Controller software allows a hacker to execute arbitrary code.

The vulnerability of the web server of the FANUC Robotics Virtual Robot Controller emulation software is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

SUSE CVE-2016-5337

The megasasctrlgetinfo function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information...

The vulnerability of the vmxnet3 network card emulator, a component of the QEMU hardware emulation software, allows a hacker to induce a service failure.

The vulnerability of the vmxnet3 network card emulator, a component of the QEMU hardware emulation software, is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to cause a system failure...

Intel HAXM 安全漏洞

Intel HAXM Intel Hardware Accelerated Execution Manager is a cross-platform hardware-assisted virtualization engine hypervisor from Intel Corporation that is widely used as a gas pedal for Android Emulator and QEMU. A security vulnerability exists in Intel Hardware Accelerated Execution Manager...

The vulnerability of the qxl_cursor() function in the QEMU hardware emulation software allows a hacker to execute arbitrary code.

The vulnerability of the qxlcursor function in the QEMU hardware emulation software is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a attacker to execute arbitrary code...

The vulnerability of the Network Block Device (NBD) emulator’s hardware emulation software, QEMU, stems from improper resource management by external emulators. This allows a malicious actor to trigger a service failure.

The vulnerability of the Network Block Device NBD emulation software from QEMU lies in the sending of a request by the client, which corresponds to a specification that is located within the maximum allowable range of request length. Exploiting this vulnerability allows an attacker who operates...

The vulnerability of the sd_wp_addr component of the emulation software for hardware devices on other platforms, related to reading data beyond the buffer’s acceptable limits, allows a malicious actor to cause a service failure.

The vulnerability of the sdwpaddr component of the hardware emulation software for other platforms supported by QEMU lies in its ability to read data from beyond the allowed buffer size. Exploiting this vulnerability can allow an attacker to cause service failures...

Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide

Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetratio...

Deamon Tools Pro 输入验证错误漏洞

Deamon Tools Pro is a simulation emulation software that facilitates the creation and installation of images. An input validation error vulnerability exists in Deamon Tools Pro. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor...

QEMU 安全漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. A security vulnerability exists in QEMU that stems from a flaw found in USB redirection device emulation in versions of QEMU prior to 6.1.0-rc2...

The vulnerability of QEMU’s emulation software for various platform hardware devices lies in the execution of a loop with an unreachable exit condition, allowing a malicious actor to cause a service failure.

The vulnerability of QEMU’s software for emulating hardware on various platforms is related to the infinite operation of a loop. Exploiting this vulnerability allows an attacker to cause a service failure...

The vulnerability of QEMU’s emulation software lies in its ability to read data beyond the allowed buffer limits, allowing an attacker to trigger a service failure.

The vulnerability of QEMU’s emulation software-related hardware lies in reading data from buffers beyond acceptable limits. Exploiting this vulnerability allows an attacker to cause system failures...

The vulnerability of the ati_2d_blt function (hw/display/ati_2d.c) in the QEMU hardware emulation software allows a hacker to trigger a service failure.

The vulnerability of the ati2dblt function hw/display/ati2d.c in the QEMU hardware emulation software is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...