26 matches found
EUVD-2021-7695
Malicious code in bioql PyPI...
EUVD-2021-7647
Malicious code in bioql PyPI...
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
Denial of service
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
CVE-2021-20257
CVE-2021-20257 concerns QEMU’s e1000 NIC emulator. The issue is an infinite loop in process_tx_desc when tx descriptor fields are invalid, allowing a guest to exhaust host CPU and cause DoS. Connected advisories confirm this affects QEMU and related builds (e.g., Debian LTS, Red Hat/AL2, Astra Li...
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
CVE-2021-20257
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits tx descriptors in processtxdesc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial o...
QEMU Denial of Service Vulnerability (CNVD-2022-84162)
QEMU is a suite of emulation processor software from the personal developer Fabrice Bellard of France. The software is fast and cross-platform, and a denial-of-service vulnerability exists in QEMU, which stems from the incorrect handling of certain values by the QEMU NIC emulator. An attacker...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2021:1942-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1942-1 advisory. - Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to what was accepted upstream bsc1181103 - Fix OOB access in...
SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1947-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:1947-1 advisory. - Fix OOB access during mmio operations CVE-2020-13754, bsc1172382 - Fix out-of-bounds read information disclosure in...
SUSE: Security Advisory (SUSE-SU-2021:1252-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : xen (SUSE-SU-2021:1252-1)
This update for xen fixes the following issues : CVE-2021-20257: xen: infinite loop issue in the e1000 NIC emulator bsc1182846. CVE-2021-27379: Fixed an issue where entries in the IOMMU were not being updated under certain circumstances due to improper backport of XSA-321 XSA-366, bsc1182431. Not...
Stack overflow
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...
Denial Of Service (DoS)
qemu is vulnerable to denial of service. An infinite loop in the e1000 NIC emulator occurs while processing transmit tx descriptors in processtxdesc when various descriptor fields are initialized with invalid values...
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.
...
QEMU <= 5.2.0 DoS Vulnerability
QEMU is prone to a denial of service DoS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...
CVE-2021-20203
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in Do...
CVE-2021-20203
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in Do...
Integer overflow
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in Do...
CVE-2021-20203
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in Do...