10 matches found
Astra Linux - vulnerability in qemu
A buffer overflow vulnerability was discovered in the ATI VGA device emulation provided by QEMU. This vulnerability occurs in the ati_2d_blt routine, during the handling of MMIO write operations, when the guest provides invalid values for the destination display parameters. A malicious guest could...
CVE-2026-31588
In the Linux kernel, the following vulnerability has been resolved: "KVM: x86: Use scratch field in MMIO fragment to hold small write values". When exiting to userspace to service an emulated MMIO write, copy the to-be-written value to a scratch field in the MMIO fragment if the size of the data...
AZL-70295 CVE-2025-38064 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: "virtio: break and reset virtio devices on device_shutdown". Hongyu reported a hang on kexec in a VM. QEMU reported invalid memory accesses during the hang. Invalid read at addr 0x102877002, size 2, region 'null', reason: rejected...
PT-2025-25838
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been identified, where virtio-console continues to write to the MMIO even after the underlying virtio-pci device is reset. This issue can cause a...
CVE-2024-35818
A vulnerability was found in the Linux kernel's LoongArch architecture. This issue occurs due to an improperly defined __io_aw hook, which could affect memory writes. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...
UBUNTU-CVE-2019-20808
In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define routine while handling MMIO write operations through the ati_mm_write callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service...
DEBIAN-CVE-2020-24352
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write callback. A malicious guest could use this flaw ...
In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service.
...
PT-2020-6458
Name of the Vulnerable Software and Affected Versions: QEMU versions prior to 5.0.0. Description: The issue is related to an integer overflow in the SM501 display driver implementation, specifically in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write callbac...
Kernel: KVM: OOB memory access via mmio ring buffer
An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space...