Lucene search
K

13 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Qemu

A use-after-free flaw was discovered in the MegaRAID emulator of QEMU. This issue occurs during the processing of SCSI I/O requests when the mptsasfreerequest function fails to dequeue the request object ‘req’ from the pending requests queue. This flaw allows a privileged guest user to crash the...

3.2CVSS6.4AI score0.0045EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-26721

Malware in sbrugna...

3.2CVSS6AI score0.0045EPSS
Exploits1References10
Amazon
Amazon
added 2023/05/31 12:0 a.m.34 views

Medium: qemu

Issue Overview: A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on t...

8.2CVSS7.4AI score0.00475EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2021/12/01 12:0 a.m.100 views

Oracle Linux 8 : kvm_utils (ELSA-2021-9568)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9568 advisory. - In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. CVE-2020-15469 - A flaw was foun...

8.2CVSS7.2AI score0.00485EPSS
Exploits2References15
Tenable Nessus
Tenable Nessus
added 2021/07/16 12:0 a.m.38 views

Ubuntu 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-5010-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5010-1 advisory. Lei Sun discovered that QEMU incorrectly handled certain MMIO operations. An attacker inside the guest could possibly use this issue to cause...

8.2CVSS6.9AI score0.00522EPSS
Exploits3References22
Tenable Nessus
Tenable Nessus
added 2021/07/01 12:0 a.m.42 views

EulerOS Virtualization 3.0.6.6 : qemu-kvm (EulerOS-SA-2021-2046)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds access flaw was found in the Message Signalled Interrupt MSI-X device support of QEMU. This issue occurs while...

6.7CVSS6.8AI score0.00866EPSS
Exploits2References9
Veracode
Veracode
added 2021/04/11 2:9 p.m.22 views

Denial Of Service (DoS)

qemu is vulnerable to denial of service. A use-after-free flaw in the MegaRAID emulator allows an attacker to crash the QEMU process due to an error while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object req from a pending requests...

3.2CVSS3.7AI score0.0045EPSS
Exploits1References6Affected Software6
OSV
OSV
added 2021/03/23 8:15 p.m.1 views

DEBIAN-CVE-2021-3392

A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...

3.2CVSS6.2AI score0.0045EPSS
Exploits1References1
Prion
Prion
added 2021/03/23 8:15 p.m.20 views

Design/Logic Flaw

A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...

2.1CVSS3.6AI score0.0045EPSS
Exploits1References5Affected Software3
UbuntuCve
UbuntuCve
added 2021/03/23 8:15 p.m.31 views

CVE-2021-3392

A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...

3.2CVSS6.7AI score0.0045EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2021/03/23 7:7 p.m.30 views

CVE-2021-3392

A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...

3.2CVSS5.3AI score0.0045EPSS
Exploits1
CVE
CVE
added 2021/03/23 7:7 p.m.160 views

CVE-2021-3392

CVE-2021-3392 is a use-after-free vulnerability in the QEMU MegaRAID emulator. It occurs when processing SCSI I/O requests during an error path in mptsas_free_request() where the request object may not be dequeued from the pending queue, allowing a privileged guest to crash the host QEMU process ...

3.2CVSS4.9AI score0.0045EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2021/02/02 12:0 a.m.3 views

PT-2021-7357 · Qemu +4 · Qemu +4

Name of the Vulnerable Software and Affected Versions: QEMU versions 2.10.0 through 5.2.0 Description: A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error in the mptsas free request function that does not...

8.8CVSS6.5AI score0.02904EPSS
Exploits14References168
Rows per page
Query Builder