Astra Linux - уязвимость в qemu

In QEMU versions up to 5.0.0, an assertion failure can occur during network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could exploit this flaw to terminate the QEMU process on the host, resulting in a denial-of-service condition in...

CVE-2025-71156

In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are automatically enabled immediately upon request. This allows interrupt to fire before the associated NAPI context is fully initialized and cause...

PT-2025-42259

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contained a use-after-free issue identified through syzbot reporting. The issue occurs after commit e6d5dbdd20aa, which added multi-buff support for XDP running in gener...

EUVD-2015-6752

Malware in sbrugna...

EUVD-2017-3281

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2015-6815

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The processtxdesc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allo...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the failure to disassociate NAPI when the tun device is destroyed...

kernel: Linux kernel: Denial of Service due to incorrect network packet processing in NSH module

A flaw was found in the Linux kernel, specifically within its Network Service Header NSH module. A local attacker could exploit this vulnerability by sending specially crafted network packets, which would cause the system to crash. This issue, a type of Denial of Service DoS, arises from an...

UBUNTU-CVE-2022-48964

In the Linux kernel, the following vulnerability has been resolved: ravb: Fix potential use-after-free in ravbrxgbeth The skb is delivered to napigroreceive which may free it, after calling this, dereferencing skb may trigger use-after-free...

RHEL 7 : kpatch-patch (RHSA-2024:1323)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1323 advisory. This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel...

PT-2023-35985 · Git +1 · Ntopng

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 4 crash has been reported. The crash occurs in the ICMPinfo::dissectICMP function, which is called by...

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-1762)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1762 advisory. - Resolves: bz1917451 CVE-2020-29443 virt:rhel/qemu-kvm: QEMU: ide: atapi: OOB access while processing read commands rhel-8.4.0 - Resolves: bz1919111...

Couchbase Server 缓冲区错误漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. Couchbase Server suffers from a buffer error vulnerability that originates from out-of-bounds access to network packet...

NicheStack embedded TCP/IP has vulnerabilities

Overview HCC Embedded's software called InterNiche stack NicheStack and NicheLite, which provides TCP/IP networking capability to embedded systems, is impacted by multiple vulnerabilities. The Forescout and JFrog researchers who discovered this set of vulnerabilities have identified these as...

Amazon Linux AMI : qemu-kvm (ALAS-2021-1488)

The version of qemu-kvm installed on the remote host is prior to 1.5.3-156.26. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1488 advisory. An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the...

QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c

An assertion failure flaw was found in QEMU in the network packet processing component. This issue affects the "e1000e" and "vmxnet3" network devices. This flaw allows a malicious guest user or process to abort the QEMU process on the host, resulting in a denial of service...

EulerOS 2.0 SP8 : qemu (EulerOS-SA-2020-2531)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating...

Denial Of Service (DoS)

QEMU is vulnerable to denial of service attacks. An unauthenticated remote attacker could kill the QEMU process on the host due to an assertion failure in the network packet processing, resulting in a denial of service condition in nettxpktaddrawfragment in hw/net/nettxpkt.c...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-2054)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : qemu-kvm (EulerOS-SA-2020-2054)

According to the version of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e a...