SUSE CVE-2016-4037

The ehciadvancestate function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption via a circular split isochronous transfer descriptor siTD list, a related issue to CVE-2015-8558...

SUSE CVE-2017-5667

The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds heap access and crash or execute arbitrary code on the QEMU host via vectors involving the data transfer length...

SUSE CVE-2017-9375

QEMU aka Quick Emulator, when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service infinite recursive call via vectors involving control transfer descriptors sequencing...

SUSE CVE-2020-25624

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver...

SUSE CVE-2020-27661

A divide-by-zero issue was found in dwc2handlepacket in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service...

SUSE CVE-2021-3564

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13...

SUSE CVE-2022-3872

An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhcireaddataport and sdhciwritedataport, respectively, if datacount == blocksize. A malicious guest could use this flaw to crash the QEMU process on the host,...

PT-2023-34856 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.165 Description: The issue concerns the xhci component of the Linux Kernel, where an endpoint is not properly validated before being dereferenced. This could potentially lead to security vulnerabilities,...

CVE-2023-0396

A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses...

CVE-2022-3806

Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer...

RHEL 9 : kernel (RHSA-2023:0334)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0334 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: watch queue race condition can...

PT-2023-9427 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the xhci component in the Linux kernel, where a NULL pointer dereference can occur when the host controller is not responding, causing a kernel panic. This...

PT-2025-37561

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak exists in the USB UHCI driver when using the debugfs lookup function. Failing to call dput on the result of debugfs lookup leads to a memory leak over time. The issue is...

PT-2025-49731

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to out-of-bound memory access within the xhci-dbc driver. Specifically, if the xdbc bulk write function fails, the buffer used by the xdbc trace...

The vulnerability of the USB 2.0 (EHCI) controller in VMware ESXi, VMware Workstation, and VMware Fusion, as well as in the virtualization platform VMware Cloud Foundation, allows a perpetrator to execute arbitrary code.

The vulnerability of the USB 2.0 EHCI controller in VMware ESXi, VMware Workstation, and VMware Fusion, as well as in the virtualization platform VMware Cloud Foundation, relates to the ability to write beyond the buffer. Exploiting this vulnerability could allow an attacker to execute arbitrary...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-2767)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enabl...

QEMU 安全漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU has a security vulnerability in SDHCI that stems from the discovery of a read/write-by-read problem. An attacker exploited the vulnerabili...

USN-5616-1: Linux kernel (Intel IoTG) vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

OESA-2022-1918 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including one or several processors and various peripherals. It can be used to launch...

Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-5616-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5616-1 advisory. Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A...