14 matches found
Astra Linux - уязвимость в qemu
A flaw was discovered in QEMU. If the QIOChannelWebsock object is freed while it is waiting to complete a handshake, a GSource is leaked. This can result in the callback being fired later, thereby causing a use-after-free when using the channel. This vulnerability can be exploited by a malicious...
MiracleLinux 4 : qemu-kvm-0.12.1.2-2.479.AXS4.2 (AXSA:2015-518:06)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-518:06 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running...
RockyLinux 8 : virt:rhel and virt-devel:rhel (RLSA-2023:2757)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:2757 advisory. ntfs-3g: heap-based buffer overflow in ntfsck CVE-2021-46790 QEMU: VNC: integer underflow in vncclientcuttextext leads to CPU exhaustion CVE-2022-3165...
UBUNTU-CVE-2023-3180
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtiocryptohandlesymreq. There is no check for the value of srclen and dstlen in virtiocryptosymophelper, potentially leading to a heap buffer overflow when the two values differ...
PT-2023-4596 · Qemu +9 · Qemu +9
Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans ...
USN-6167-1: QEMU vulnerabilities
It was discovered that QEMU did not properly manage the guest drivers when shared buffers are not allocated. A malicious guest driver could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubunt...
SUSE CVE-2021-3546
An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIOGPUCMDGETCAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on t...
QEMU: Multiple vulnerabilities
Background QEMU is a generic and open source machine emulator and virtualizer. Description Multiple vulnerabilities have been discovered in QEMU. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...
DEBIAN-CVE-2019-6778
In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow...
Virglrenderer Denial of Service Vulnerability (CNVD-2017-02434)
Virglrenderer is a library for maintaining API stability in Virgil 3d projects. A denial of service vulnerability exists in Virglrenderer. An attacker exploits this vulnerability to crash a QEMU instance, resulting in a denial of service...
UBUNTU-CVE-2016-7156
The pvscsiconvertsglist function in hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging an incorrect cast...
UBUNTU-CVE-2015-8744
QEMU aka Quick Emulator built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance resulting in DoS...
USN-2724-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-9718 Donghai Zhu discovered that QEMU...
DSA-2543-1 xen-qemu-dm-4.0 - multiple
Bulletin has no description...