Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-5088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the...

7CVSS6.8AI score0.00231EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.34 views

Amazon Linux 2 : qemu (ALAS-2023-2336)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2336 advisory. A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead...

7CVSS6.9AI score0.00231EPSS
Exploits0References4
Veracode
Veracode
added 2023/11/05 1:8 a.m.37 views

Buffer Overflows

qemu is vulnerable to Buffer Overflows. A guest I/O address overflow vulnerability allows an attacker to overwrite arbitrary memory on the host system by exploiting a flaw in the way that QEMU handles guest I/O operations...

7CVSS7AI score0.00231EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2023/11/03 2:15 p.m.34 views

CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

7CVSS6.5AI score0.00231EPSS
Exploits0References8
AlpineLinux
AlpineLinux
added 2023/11/03 2:15 p.m.34 views

CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

3.5CVSS6.6AI score0.00231EPSS
Exploits0
CVE
CVE
added 2023/11/03 1:58 p.m.227 views

CVE-2023-5088

CVE-2023-5088 is a QEMU vulnerability where an IDE guest I/O operation addressed to an arbitrary disk offset may be mis-targeted to offset 0, potentially overwriting the VM boot code. Affected context includes scenarios with nested guests (L2 reading/writing LBA0 of vdiskL1 via vdiskL2). Public r...

7CVSS6.7AI score0.00231EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2023/11/03 1:58 p.m.56 views

CVE-2023-5088 Qemu: improper ide controller reset can lead to mbr overwrite

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

6.4CVSS7AI score0.00231EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2023/11/03 1:58 p.m.26 views

CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

7CVSS6.5AI score0.00231EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2023/11/03 12:0 a.m.36 views

CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

7CVSS6.8AI score0.00231EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/10/31 11:29 p.m.31 views

CVE-2023-5088

A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L1 vdiskL1...

6.4CVSS6.6AI score0.00231EPSS
Exploits0References4
OSV
OSV
added 2023/08/01 11:15 p.m.6 views

CVE-2023-3494

The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copyin...

8.8CVSS6.5AI score0.00218EPSS
Exploits0References2
Rows per page
Query Builder