4 matches found
SUSE SLES15 Security Update : qemu (SUSE-SU-2026:2388-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2388-1 advisory. Security fixes: - CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when...
PT-2026-48843
A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...
RISC Zero Ethereum 代码注入漏洞
RISC Zero Ethereum is a computing platform open-sourced by RISC Zero. A code injection vulnerability exists in RISC Zero Ethereum that originates from a host that can write to an arbitrary memory location of a visitor using a specially crafted response, which could lead to the execution of...
QEMU cirrus_vga.c code execution vulnerability
QEMU is a suite of analog processor software. A security vulnerability in QEMU cirrusvga.c allows an attacker to exploit the vulnerability to write to HOST memory, resulting in arbitrary code execution with elevated privileges...