Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/19 4:23 p.m.6 views

CVE-2026-3195

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...

7.4CVSS5.8AI score0.00126EPSS
Exploits0References3Affected Software6
CVE
CVE
added 2026/06/19 4:23 p.m.20 views

CVE-2026-3195

CVE-2026-3195 : In QEMU’s virtio-snd, the heap buffer overflow occurs in the input callback (virtio_snd_pcm_in_cb) due to an incomplete bounds/iov check. The Attackerkb entry reiterates that the function does not verify whether the iov can fit the data buffer, enabling a heap out-of-bounds write....

7.4CVSS5.8AI score0.00126EPSS
Exploits0References3
OSV
OSV
added 2024/11/15 12:20 p.m.2 views

OESA-2024-2414 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov...

7.8CVSS7.3AI score0.00273EPSS
Exploits0References2
OSV
OSV
added 2024/08/15 12:0 a.m.2 views

UBUNTU-CVE-2024-7730

A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...

7.8CVSS7.3AI score0.00273EPSS
Exploits0References4
Rows per page
Query Builder