Lucene search
K

21 matches found

OSV
OSV
added 2026/06/24 5:17 a.m.5 views

UBUNTU-CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS5.9AI score0.00106EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 4:37 a.m.11 views

CVE-2026-9539

CVE-2026-9539 affects freedesktop.org libslirp (prior to v4.9.2) used on hypervisor host environments (e.g., QEMU). A vulnerability in the TCP urgent data handling (sosendoob) can cause an out-of-bounds heap read and integer underflow, enabling a privileged guest VM attacker (root or CAP_NET_RAW)...

6.5CVSS5.9AI score0.00106EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/24 4:37 a.m.34 views

CVE-2026-9539 libslirp TCP URG OOB Read Information Leak

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS0.00106EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51663

Name of the Vulnerable Software and Affected Versions libslirp versions prior to v4.9.2 Description An integer underflow and out-of-bounds heap read exist in the TCP urgent data handling sosendoob within hypervisor host environments, such as QEMU. A privileged guest VM attacker with root or CAP N...

6.5CVSS5.8AI score0.00106EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Qemu

An information disclosure vulnerability was discovered in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw resides in the virglcmdgetcapsetinfo function in contrib/vhost-user-gpu/virgl.c, and can occur due to the reading of uninitialized memory...

6.5CVSS6.6AI score0.00421EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002171)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002171 advisory. The ioapicreadindirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPICREGSELECT and...

6.2CVSS6.7AI score0.0135EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002192)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002192 advisory. The ioapicreadindirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPICREGSELECT and...

6.2CVSS6.7AI score0.0135EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-21981

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: fix memory leak in aRFS after reset Fix aRFS accelerated Receive Flow Steering structur...

5.5CVSS6.2AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.2 views

SUSE CVE-2021-3592

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 byte...

3.8CVSS7.2AI score0.00326EPSS
Exploits0References33
OSV
OSV
added 2021/06/15 9:15 p.m.1 views

DEBIAN-CVE-2021-3592

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 byte...

3.8CVSS6.2AI score0.00326EPSS
Exploits0References1
OSV
OSV
added 2021/06/15 9:15 p.m.2 views

UBUNTU-CVE-2021-3592

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function and could occur while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 byte...

3.8CVSS6.6AI score0.00326EPSS
Exploits0References6
OSV
OSV
added 2021/06/02 2:15 p.m.3 views

DEBIAN-CVE-2021-3545

An information disclosure vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw exists in virglcmdgetcapsetinfo in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest...

6.5CVSS6.1AI score0.00421EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/04/19 12:0 a.m.4 views

PT-2021-7719

Name of the Vulnerable Software and Affected Versions QEMU versions up to 6.0.0 Description A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl transfer handler in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest...

6.1CVSS6.7AI score0.00485EPSS
Exploits1References224
OPENSUSE Linux
OPENSUSE Linux
added 2017/07/15 12:10 a.m.701 views

Security update for qemu (important)

This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service infinite loop by leveraging an incorrect return value bsc1042159. - CVE-2017-8379: Memory leak in the keyboard input...

7.8CVSS3.3AI score0.04544EPSS
Exploits1References27
Ubuntu
Ubuntu
added 2017/04/25 12:1 p.m.80 views

USN-3268-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-10028 It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker...

9.9CVSS7.7AI score0.04448EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/04/03 12:0 a.m.25 views

openSUSE Security Update : virglrenderer (openSUSE-2017-415)

This update for virglrenderer fixes the following issues : Security issues fixed : - CVE-2017-6386: memory leakage while in vrendcreatevertexelementsstate bsc1027376 - CVE-2017-6355: integer overflow while creating shader object bsc1027108 - CVE-2017-6317: fix memory leak in add shader program...

7.1CVSS6.3AI score0.00493EPSS
Exploits0References26
OSV
OSV
added 2017/01/26 3:59 p.m.1 views

DEBIAN-CVE-2016-9932

CMPXCHG8B emulation in Xen 3.3.x through 4.7.x on x86 systems allows local HVM guest OS users to obtain sensitive information from host stack memory via a "supposedly-ignored" operand size prefix...

3.3CVSS5.5AI score0.00421EPSS
Exploits0References1
OSV
OSV
added 2016/12/29 10:59 p.m.2 views

DEBIAN-CVE-2016-9846

QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in updatecursordatavirgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host...

6.5CVSS6.8AI score0.00418EPSS
Exploits0References1
OSV
OSV
added 2016/12/29 10:59 p.m.2 views

DEBIAN-CVE-2015-8701

QEMU aka Quick Emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit tx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16 fragments. A privileged user inside guest coul...

6.5CVSS7.3AI score0.00391EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2016/12/23 12:0 a.m.5 views

PT-2016-3004 · Qemu +3 · Qemu +3

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: The issue is related to an uncontrolled resource consumption in the Virtio GPU emulator hardware of QEMU. It may allow a local attacker to compromise the confidentiality, integrity, and...

10CVSS7.1AI score0.74041EPSS
Exploits12References363
Rows per page
Query Builder