Linux Distros Unpatched Vulnerability : CVE-2021-3416

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopbac...

SUSE SLES15 Security Update : qemu (SUSE-SU-2023:3800-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3800-1 advisory. - Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigati...

SUSE SLES15 / openSUSE 15 Security Update : qemu (SUSE-SU-2023:3721-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3721-1 advisory. - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an...

Amazon Linux 2 : qemu, --advisory ALAS2-2023-2148 (ALAS-2023-2148)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2148 advisory. A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including...

Medium: qemu

Issue Overview: A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles o...

Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:3061)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3061 advisory. - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. CVE-2020-13754 ...

Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-3061)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3061 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libvirt - Resolves: bz1932917 CVE-2021-3416 virt:rhel/qemu-kvm: QEMU...

EulerOS Virtualization 3.0.6.6 : qemu-kvm (EulerOS-SA-2021-2046)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds access flaw was found in the Message Signalled Interrupt MSI-X device support of QEMU. This issue occurs while...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2021-2011)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2021-1735)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...

EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2021-1763)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...

CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

CVE-2021-3416

CVE-2021-3416 describes a stack overflow via an infinite loop in various QEMU NIC emulators (loopback mode) up to and including version 5.2.0, where reentrant DMA checks can be bypassed. A guest user/process can cause high CPU usage or crash the QEMU host process, resulting in DoS. Affected produ...