Oracle Linux 7 : qemu (ELSA-2021-9638)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9638 advisory. - ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packe...

Amazon Linux 2 : qemu (ALAS-2023-2169)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2169 advisory. An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the...

EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2022-2071)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the aticursordefine routine while...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2071)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : libslirp (SUSE-SU-2022:1465-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1465-1 advisory. - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinp...

CVE-2022-21168

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

CVE-2022-21168 ICSA-22-090-03 Fuji Electric Alpha5

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

CVE-2022-21168 ICSA-22-090-03 Fuji Electric Alpha5

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

Updated libslirp packages fix security vulnerability

Invalid pointer initialization issues were found in the SLiRP networking implementation of QEMU. In the bootpinput function while processing a udp packet that is smaller than the size of the 'bootpt' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory fr...

openSUSE 15 Security Update : qemu (openSUSE-SU-2021:2591-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2591-1 advisory. - QEMU 5.0.0 has a heap-based Buffer Overflow in flatviewreadcontinue in exec.c because hw/sd/sdhci.c mishandles a write operation in the...

SUSE: Security Advisory (SUSE-SU-2021:2448-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : qemu (SUSE-SU-2021:2428-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2428-1 advisory. - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinput function...

Ubuntu 20.04 LTS : libslirp vulnerabilities (USN-5009-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5009-1 advisory. Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak...

QEMU Invalid Pointer Initialization Vulnerability (CNVD-2021-45768)

QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the function udp6input using memory outside of the working mbuf buffer when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker could...

QEMU Invalid Pointer Initialization Vulnerability (CNVD-2021-45769)

QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the use of memory outside of the working mbuf buffer by the function udp6input when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker...