13 matches found
Astra Linux – Vulnerability in Qemu
A use-after-free flaw was discovered in the MegaRAID emulator of QEMU. This issue occurs during the processing of SCSI I/O requests when the mptsasfreerequest function fails to dequeue the request object ‘req’ from the pending requests queue. This flaw allows a privileged guest user to crash the...
EUVD-2021-26721
Malware in sbrugna...
Medium: qemu
Issue Overview: A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on t...
Oracle Linux 8 : kvm_utils (ELSA-2021-9568)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9568 advisory. - In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. CVE-2020-15469 - A flaw was foun...
Ubuntu 18.04 LTS / 20.04 LTS : QEMU vulnerabilities (USN-5010-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5010-1 advisory. Lei Sun discovered that QEMU incorrectly handled certain MMIO operations. An attacker inside the guest could possibly use this issue to cause...
EulerOS Virtualization 3.0.6.6 : qemu-kvm (EulerOS-SA-2021-2046)
According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds access flaw was found in the Message Signalled Interrupt MSI-X device support of QEMU. This issue occurs while...
Denial Of Service (DoS)
qemu is vulnerable to denial of service. A use-after-free flaw in the MegaRAID emulator allows an attacker to crash the QEMU process due to an error while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object req from a pending requests...
DEBIAN-CVE-2021-3392
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...
Design/Logic Flaw
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...
CVE-2021-3392
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...
CVE-2021-3392
A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error mptsasfreerequest that does not dequeue the request object 'req' from a pending requests queue. This flaw allows a privileged guest user to crash the QEMU...
CVE-2021-3392
CVE-2021-3392 is a use-after-free vulnerability in the QEMU MegaRAID emulator. It occurs when processing SCSI I/O requests during an error path in mptsas_free_request() where the request object may not be dequeued from the pending queue, allowing a privileged guest to crash the host QEMU process ...
PT-2021-7357 · Qemu +4 · Qemu +4
Name of the Vulnerable Software and Affected Versions: QEMU versions 2.10.0 through 5.2.0 Description: A use-after-free flaw was found in the MegaRAID emulator of QEMU. This issue occurs while processing SCSI I/O requests in the case of an error in the mptsas free request function that does not...