Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device. This flaw allows a malicious guest driver to execute hardware commands when shared buffers have not yet been allocated, potentially leading to a use-after-free condition...

ROS-20251117-01

A vulnerability in the NVIDIA display driver is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Guest driver and Virtual GPU Manager components of the NVIDIA GPU driver is related to pointer...

EUVD-2022-24397

Malicious code in bioql PyPI...

USN-7513-3 linux-azure, linux-azure-6.8, linux-oem-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - ACPI drivers;...

Ubuntu 24.04 LTS : Linux kernel (GKE) vulnerabilities (USN-7515-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7515-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

USN-7379-1 linux, linux-aws, linux-azure, linux-gcp, linux-hwe-6.11, linux-oracle, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x86...

Denial Of Service (DoS)

qemu is vulnerable to Denial of Service DoS attacks. The flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and an application crash...

USN-6167-1: QEMU vulnerabilities

It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. A malicious guest driver could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubunt...

QEMU Denial of Service Vulnerability (CNVD-2023-62348)

QEMU is a suite of simulation processor software. The software is fast and cross-platform. QEMU suffers from a denial-of-service vulnerability, which stems from the guest driver allocating and initializing a large number of page tables to be used as descriptor rings for CQs and asynchronous event...

CVE-2023-1544

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

CVE-2023-1544

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

Out-of-bounds

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

CVE-2023-1544

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

virt:kvm_utils2 security update

qemu-kvm 6.1.1-5-el8 - hw/pvrdma: Protect against buggy or malicious guest driver Yuval Shaia Orabug: 35064352 CVE-2022-1050 - hw/display/qxl: Assert memory slot fits in preallocated MemoryRegion Philippe Mathieu-Daude Orabug: 35060182 - hw/display/qxl: Avoid buffer overrun in qxlphys2virt...

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated potentially leading to a use-after-free condition.

...

CVE-2022-1050

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition...

DEBIAN-CVE-2022-1050

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition...

UBUNTU-CVE-2022-1050

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition...

CVE-2022-1050

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition...

USN-4404-2 linux kernel vulnerabilities

USN-4404-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: Thomas E. Carroll discovered that the NVIDIA Cuda grpahics driver did not properly perform access control when...