Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2023-6980)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6980 advisory. - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 - Fixes: CVE-2022-40284 - Fixes: CVE-2021-46790, CVE-2022-30783,...

RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2023:6980)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6980 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...

AZL-35170 CVE-2023-3301 affecting package qemu for versions less than 8.2.0-1

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service...

CVE-2023-3301

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service...

Denial Of Service (DoS)

qemu is vulnerable to Denial of Service DoS attacks. Because hot-unplug is async, a race condition can occur in which the net device backend is cleared before the virtio-net pci frontend is removed. This time window might be used by a malicious attacker to trigger an assertion and cause a denial ...

SUSE CVE-2023-3301

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service...