Lucene search
K

15 matches found

EUVD
EUVD
added 2026/06/09 12:36 p.m.11 views

EUVD-2026-35415

In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of replaced Since commit 1f3e4142c0eb "9p: convert to the new mount API", v9fsapplyoptions applies parsed mount flags with |= onto flags already set by v9fssessioninit. For 9P2000.L,...

5.4AI score0.00121EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 11:28 a.m.29 views

CVE-2026-43249

The CVE-2026-43249 entry describes a race in the Linux kernel 9p/xen frontend: xenwatch and backend change notifications can concurrently call xen_9pfs_front_free, causing a double-free and a general protection fault. The fixes guard the teardown path so only a single caller releases the front-en...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003797)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003797 advisory. An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect isizewrite properly, which causes an isizeread infinite loop and denial o...

7.5CVSS7AI score0.02895EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-16413

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.0.4. The 9p filesystem did not protect isizewrite properly, which causes an isizeread infinite loop and...

7.5CVSS6.8AI score0.02895EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/06/13 12:0 a.m.6 views

The vulnerability of the file system for pervasive access 9p (9pfs) in the QEMU hardware emulation software allows a perpetrator to circumvent existing access control policies.

The vulnerability of the 9pfs file system, a hypervisor-based emulator of QEMU, is related to the absence of a prohibition on opening specific files on the host side. Exploiting this vulnerability can allow a perpetrator to circumvent existing access control policies...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References7Affected Software4
OSV
OSV
added 2023/12/06 7:15 a.m.7 views

AZL-35167 CVE-2023-2861 affecting package qemu for versions less than 8.2.0-1

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References1
OSV
OSV
added 2023/12/06 7:15 a.m.2 views

DEBIAN-CVE-2023-2861

A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape from the exported 9p tree by creating and opening a device file in the shared folder...

7.1CVSS6.8AI score0.00376EPSS
Exploits0References1
OSV
OSV
added 2023/08/06 11:5 a.m.5 views

OESA-2023-1474 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated,...

8.8CVSS6.8AI score0.00376EPSS
Exploits0References4
OSV
OSV
added 2023/07/06 7:0 p.m.9 views

USN-6207-1 linux-intel-iotg vulnerabilities

It was discovered that the TUN/TAP driver in the Linux kernel did not properly initialize socket data. A local attacker could use this to cause a denial of service system crash. CVE-2023-1076 It was discovered that the Real-Time Scheduling Class implementation in the Linux kernel contained a type...

7.8CVSS6.6AI score0.01377EPSS
Exploits4References9
Positive Technologies
Positive Technologies
added 2023/06/30 12:0 a.m.3 views

PT-2023-9188

Name of the Vulnerable Software and Affected Versions QEMU affected versions not specified Description A flaw was found in the 9p passthrough filesystem 9pfs implementation. The 9pfs server did not prohibit opening special files on the host side, potentially allowing a malicious client to escape...

7.1CVSS6.7AI score0.00376EPSS
Exploits0References150
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.2 views

SUSE CVE-2016-9915

Memory leak in hw/9pfs/9p-handle.c in QEMU aka Quick Emulator allows local privileged guest OS users to cause a denial of service host memory consumption and possibly QEMU process crash by leveraging a missing cleanup operation in the handle backend...

6.5CVSS8.5AI score0.00437EPSS
Exploits0References4
CNVD
CNVD
added 2017/10/16 12:0 a.m.5 views

QEMU competitive conditions loophole

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A competitive condition vulnerability exists in the 'v9fsxattrwalk' function of the hw/9pfs/9p.c file in QEMU. A local attacker can exploit th...

5.6CVSS6.9AI score0.0028EPSS
Exploits0References1
OSV
OSV
added 2016/12/09 10:59 p.m.3 views

DEBIAN-CVE-2016-9105

Memory leak in the v9fslink function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via vectors involving a reference to the source fid object...

6CVSS6AI score0.0038EPSS
Exploits0References1
OSV
OSV
added 2016/12/09 10:59 p.m.2 views

DEBIAN-CVE-2016-9104

Multiple integer overflows in the 1 v9fsxattrread and 2 v9fsxattrwrite functions in hw/9pfs/9p.c in QEMU aka Quick Emulator allow local guest OS administrators to cause a denial of service QEMU process crash via a crafted offset, which triggers an out-of-bounds access...

4.4CVSS8.4AI score0.00396EPSS
Exploits0References1
OSV
OSV
added 2016/10/31 12:0 a.m.2 views

UBUNTU-CVE-2016-9103

The v9fsxattrcreate function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them...

6CVSS6.7AI score0.00393EPSS
Exploits0References5
Rows per page
Query Builder