CVE-2026-43307

A flaw was found in the Linux kernel's iio: accel: adxl380 driver. The driver's interrupt handler, responsible for reading data from the sensor's FIFO First-In, First-Out buffer, can miscalculate the number of entries. This error may cause the driver to attempt to read beyond the actual data...

CVE-2026-43307 iio: accel: adxl380: Avoid reading more entries than present in FIFO

In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than present in FIFO The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor fills the...

ROS-20251022-04

A vulnerability in the sdhciwritedataport function of the QEMU hardware emulator is related to an overflow of the buffer in the heap via the s-datacount and s-fifobuffer parameters. Exploitation of the vulnerability could allow an an attacker to cause a denial of service...

AZL-60901 CVE-2024-3447 affecting package qemu for versions less than 8.2.0-16

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both s-datacount and the size of s-fifobuffer are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a...

DEBIAN-CVE-2024-3447

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both s-datacount and the size of s-fifobuffer are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a...

CVE-2022-48871

A vulnerability was found in the Linux kernel's qcomgeniserial.c driver. A lack of proper size validation can lead to an out-of-bounds write caused by a mismatch between the RX FIFO buffer size and the actual RX FIFO depth after initialization. This issue can lead to memory corruption or crashes...

CVE-2022-48871

In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO port-rxfifo based on default RX FIFO depth, e.g. 16. Later during serial startup the qcomgeniserialportsetup...

CVE-2022-48871 tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer

In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO port-rxfifo based on default RX FIFO depth, e.g. 16. Later during serial startup the qcomgeniserialportsetup...

CVE-2022-48871

In CVE-2022-48871, the Linux kernel fix targets tty: serial: qcom-geni-serial slab-out-of-bounds on the RX FIFO buffer. The probe allocates port->rx_fifo using a default depth (e.g., 16); during serial startup, port->rx_fifo_depth is updated to match device capabilities (e.g., 32). The RX U...

CVE-2022-48871

In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO port-rxfifo based on default RX FIFO depth, e.g. 16. Later during serial startup the qcomgeniserialportsetup...

CVE-2022-48871 tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer

In the Linux kernel, the following vulnerability has been resolved: tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer Driver's probe allocates memory for RX FIFO port-rxfifo based on default RX FIFO depth, e.g. 16. Later during serial startup the qcomgeniserialportsetup...

OESA-2024-1494 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or...

PT-2023-34850 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.165 Description: The issue is related to a slab-out-of-bounds error on the RX FIFO buffer in the qcom-geni-serial driver. This problem was introduced in version v5.7 and is fixed in version v5.10.165. The...

PT-2023-34747 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8 Description: The issue is related to a slab-out-of-bounds error on the RX FIFO buffer in the qcom-geni-serial driver. The actual impact and potential for attack have not been proven yet. Recommendations:...

CVE-2016-4453

Quick EmulatorQemu built with the VMware-SVGA "chipset" emulation support is vulnerable to an infinite loop issue. It could occur while processing VGA commands via its FIFO buffer. A privileged user inside guest could use this flaw to crash the Qemu process resulting in DoS...

CentOS Update for kmod-kvm CESA-2015:1003 centos5

Check the version of kmod-kvm SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882193";...

qemu: fdc: out-of-bounds fifo buffer memory access

An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileg...

Important: Red Hat Security Advisory: qemu-kvm security update

Updated qemu-kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

F5 Networks BIG-IP : QEMU vulnerability (SOL16620) (Venom)

An out-of-bounds memory access flaw, also known as 'VENOM,' was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on th...

Scientific Linux Security Update : qemu-kvm on SL7.x x86_64 (20150513) (Venom)

An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileg...