17 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3416
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopbac...
SUSE SLES15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2023:3800-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3800-1 advisory. - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. bsc1198712 - CVE-2021-3929: Fixed an use-after-fr...
SUSE SLES15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-pa / qemu-block-curl / etc (SUSE-SU-2023:3721-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3721-1 advisory. - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. bsc1198712 - CVE-2021-3929: Fixed a...
Amazon Linux 2 : qemu, --advisory ALAS2-2023-2148 (ALAS-2023-2148)
The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2148 advisory. A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including...
Medium: qemu
Issue Overview: A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles o...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:3061)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3061 advisory. - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. CVE-2020-13754 ...
Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2021-3061)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-3061 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libvirt - Resolves: bz1932917 CVE-2021-3416 virt:rhel/qemu-kvm: QEMU...
EulerOS Virtualization 3.0.6.6 : qemu-kvm (EulerOS-SA-2021-2046)
According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds access flaw was found in the Message Signalled Interrupt MSI-X device support of QEMU. This issue occurs while...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2021-2011)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2021-1735)
According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...
EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2021-1763)
According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated...
CVE-2021-3416
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...
CVE-2021-3416
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...
CVE-2021-3416
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...
CVE-2021-3416
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...
CVE-2021-3416
CVE-2021-3416 describes a stack overflow via an infinite loop in various QEMU NIC emulators (loopback mode) up to and including version 5.2.0, where reentrant DMA checks can be bypassed. A guest user/process can cause high CPU usage or crash the QEMU host process, resulting in DoS. Affected produ...
CVE-2021-3416
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...