45 matches found
EUVD-2023-43711
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-3019
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to...
OESA-2024-1311 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on th...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:0569)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0569 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:0404)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0404 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:0135)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0135 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packag...
CVE-2023-3019
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service...
CVE-2023-3019
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service...
CVE-2023-3019 Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest()
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service...
PT-2023-9224 · Qemu +11 · Qemu +11
Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code. This issue could allow a privileged guest user to crash the QEMU process on the host,...
SUSE CVE-2018-10839
Qemu emulator = 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS...
openSUSE Security Update : qemu (openSUSE-2021-600)
This update for qemu fixes the following issues : - CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 - CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 - CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 - CVE-2020-25625: Fix...
SUSE: Security Advisory (SUSE-SU-2018:3912-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-25707
An infinite loop flaw was found in the e1000e NIC emulation code of QEMU. This issue occurs in the e1000ewritepackettoguest routine while processing bogus RX descriptor data transmitted by the guest. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2019-1368)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-17958
An integer overflow issue was found in the RTL8139 NIC emulation in QEMU. It could occur while receiving packets over the network if the size value is greater than INTMAX. Such overflow would lead to stack buffer overflow issue. A user inside guest could use this flaw to crash the QEMU process,...
EulerOS Virtualization 3.0.1.0 : qemu (EulerOS-SA-2019-1444)
According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the network, if the siz...
EulerOS Virtualization 2.5.4 : qemu-kvm (EulerOS-SA-2019-1373)
According to the version of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the network, if the si...
EulerOS Virtualization 2.5.3 : qemu-kvm (EulerOS-SA-2019-1368)
According to the version of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the network, if the si...
Denial Of Service (DoS)
qemu-kvm is vulnerable to denial of service. A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance denial of service or...