Lucene search
+L

170 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.5 views

SUSE CVE-2021-3507

A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 including. It could occur in fdctrltransferhandler in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU...

4.4CVSS7AI score0.00485EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.5 views

SUSE CVE-2021-20196

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulti...

3.2CVSS6.6AI score0.00475EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.48 views

EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2023-1212)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Blo...

8.2CVSS7.5AI score0.00643EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2023/01/10 12:0 a.m.42 views

EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2023-1242)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Blo...

8.2CVSS7.5AI score0.00643EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2022/11/22 12:0 a.m.36 views

Oracle Linux 9 : qemu-kvm (ELSA-2022-7967)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7967 advisory. - Resolves: bz1951522 CVE-2021-3507 qemu-kvm: QEMU: fdc: heap buffer overflow in DMA read data transfers rhel-9.0 Tenable has extracted the preceding...

8.2CVSS7.1AI score0.0053EPSS
Exploits4References5
RedHat Linux
RedHat Linux
added 2022/11/15 10:26 a.m.6 views

QEMU: fdc: heap buffer overflow in DMA read data transfers

A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrltransferhandler in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host...

6.1CVSS6.9AI score0.00485EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2022/11/08 9:49 a.m.6 views

QEMU: fdc: heap buffer overflow in DMA read data transfers

A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrltransferhandler in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host...

6.1CVSS6.9AI score0.00485EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/10/27 12:0 a.m.38 views

SUSE SLES15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2022:3768-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3768-1 advisory. - CVE-2021-3409: Fixed an incomplete fix for CVE-2020-17380 and CVE-2020-25085 in sdhi controller. bsc1182282 - CVE-2021-4206: Fixe...

8.8CVSS7AI score0.00834EPSS
Exploits6References23
Tenable Nessus
Tenable Nessus
added 2022/09/05 12:0 a.m.41 views

Debian dla-3099 : qemu - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3099 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3099-1 [email protected]...

8.8CVSS6.7AI score0.02904EPSS
Exploits12References72
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-5500-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.4AI score0.00813EPSS
Exploits5References2
Ubuntu
Ubuntu
added 2022/08/10 6:12 p.m.299 views

USN-5566-1: Linux kernel vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.6AI score0.12746EPSS
Exploits24
OSV
OSV
added 2022/08/10 4:59 p.m.14 views

USN-5564-1 linux-intel-iotg vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS7.3AI score0.12746EPSS
Exploits26References16
OSV
OSV
added 2022/08/10 12:36 p.m.19 views

USN-5560-2 linux-hwe, linux-aws-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

7.8CVSS6.9AI score0.12746EPSS
Exploits26References14
OpenVAS
OpenVAS
added 2022/08/03 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-5544-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.3AI score0.05496EPSS
Exploits12References2
Ubuntu
Ubuntu
added 2022/08/02 4:11 a.m.189 views

USN-5544-1: Linux kernel vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.2AI score0.05496EPSS
Exploits12
Ubuntu
Ubuntu
added 2022/07/21 12:0 a.m.100 views

USN-5529-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1679...

7.8CVSS7.5AI score0.06451EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/07/13 6:39 p.m.84 views

USN-5513-1: Linux kernel (AWS) vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

7.9CVSS6.9AI score0.06451EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/07/07 7:59 a.m.117 views

USN-5505-1: Linux kernel vulnerabilities

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. CVE-2021-3609 Likang Luo discovered that a race condition existed in the Bluetoo...

7.9CVSS6.9AI score0.06451EPSS
Exploits9
Ubuntu
Ubuntu
added 2022/06/21 2:57 p.m.133 views

USN-5489-1: QEMU vulnerabilities

Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly leak sensitive information. CVE-2021-3507 It was discovered that QEMU incorrectly...

8.2CVSS7.5AI score0.02701EPSS
Exploits5
OSV
OSV
added 2022/06/17 11:3 a.m.6 views

OESA-2022-1716 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 including. It could occur in fdctrltransferhandler in hw/block/fdc.c while processing DMA read data...

6.5CVSS6.9AI score0.00489EPSS
Exploits2References3
Rows per page
Query Builder