15 matches found
EUVD-2026-35415
In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...
CVE-2026-43249
The CVE-2026-43249 entry describes a race in the Linux kernel 9p/xen frontend: xenwatch and backend change notifications can concurrently call xen_9pfs_front_free, causing a double-free and a general protection fault. The fixes guard the teardown path so only a single caller releases the front-en...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003797)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003797 advisory. An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect isizewrite properly, which causes an isizeread infinite loop and denial o...
Linux Distros Unpatched Vulnerability : CVE-2019-16413
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect isizewrite properly, which causes an isizeread infinite loop and...
The vulnerability of the file system for pervasive access 9p (9pfs) in the QEMU hardware emulation software allows a perpetrator to circumvent existing access control policies.
The vulnerability of the 9pfs file system, a hypervisor-based emulator of QEMU, is related to the absence of a prohibition on opening specific files on the host side. Exploiting this vulnerability can allow a perpetrator to circumvent existing access control policies...
AZL-35167 CVE-2023-2861 affecting package qemu for versions less than 8.2.0-1
A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...
DEBIAN-CVE-2023-2861
A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...
OESA-2023-1474 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated,...
USN-6207-1 linux-intel-iotg vulnerabilities
It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...
PT-2023-9188
Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A flaw was found in the 9p passthrough filesystem 9pfs implementation. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape...
SUSE CVE-2016-9915
Memory leak in hw/9pfs/9p-handle.c in QEMU aka Quick Emulator allows local privileged guest OS users to cause a denial of service host memory consumption and possibly QEMU process crash by leveraging a missing cleanup operation in the handle backend...
QEMU competitive conditions loophole
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A competitive condition vulnerability exists in the 'v9fsxattrwalk' function of the hw/9pfs/9p.c file in QEMU. A local attacker can exploit th...
DEBIAN-CVE-2016-9105
Memory leak in the v9fslink function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via vectors involving a reference to the source fid object...
DEBIAN-CVE-2016-9104
Multiple integer overflows in the 1 v9fsxattrread and 2 v9fsxattrwrite functions in hw/9pfs/9p.c in QEMU aka Quick Emulator allow local guest OS administrators to cause a denial of service QEMU process crash via a crafted offset, which triggers an out-of-bounds access...
UBUNTU-CVE-2016-9103
The v9fsxattrcreate function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them...