Lucene search
K

59 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Qemu

A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device in versions prior to 6.1.0. The issue occurs when handling a “PVRDMAREGDSRHIGH” write from the guest, and it may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer...

6CVSS6.7AI score0.00363EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Qemu

An integer overflow was detected in the QEMU implementation of VMWare’s paravirtual RDMA device in versions prior to 6.1.0. The issue occurs when handling a “PVRDMAREGDSRHIGH” write from the guest due to improper input validation. This flaw allows a privileged guest user to instruct QEMU to...

6CVSS6.8AI score0.00299EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 9:36 a.m.29 views

CVE-2026-46189

CVE-2026-46189 affects the Linux kernel RDMA pvrdma component (pvrdma_alloc_ucontext). The issue is a double free: pvrdma_uar_free() is invoked in pvrdma_dealloc_ucontext() and is erroneously called before, creating a double free condition. Concrete fixes exist in OSV entries for multiple distrib...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References14Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/08 12:0 a.m.5 views

SUSE SLES15: qemu / qemu-SLOF / qemu-accel-tcg-x86 / qemu-arm / qemu-audio-alsa / etc (SUSE-SU-2026:0043-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0043-1 advisory. Security issues fixed: - CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through ...

6.8CVSS7.1AI score0.0065EPSS
Exploits0References12
OSV
OSV
added 2026/01/06 4:3 p.m.4 views

SUSE-SU-2026:0043-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through a malicious guest driver to crash the QEMU process on the host bsc1209554. - CVE-2024-6505: heap-based buffer overflo...

6.8CVSS7.3AI score0.0065EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-26891

Malware in sbrugna...

6.5CVSS6.5AI score0.00386EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-26912

Malware in sbrugna...

6CVSS6.9AI score0.00363EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2024/06/06 12:0 a.m.51 views

Ubuntu 20.04 LTS / 22.04 LTS : QEMU regression (USN-6567-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6567-2 advisory. USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in...

7.1CVSS6.3AI score0.00373EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.30 views

EulerOS 2.0 SP9 : qemu (EulerOS-SA-2023-2906)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands whe...

8.8CVSS6.9AI score0.01592EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/01/09 12:0 a.m.37 views

Ubuntu: Security Advisory (USN-6567-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7AI score0.01592EPSS
Exploits5References2
OSV
OSV
added 2024/01/08 5:46 p.m.4 views

USN-6567-1 qemu vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

8.8CVSS7.2AI score0.01592EPSS
Exploits5References15
Ubuntu
Ubuntu
added 2024/01/08 5:46 p.m.69 views

USN-6567-1: QEMU vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

8.8CVSS7.1AI score0.01592EPSS
Exploits5
OSV
OSV
added 2023/12/08 11:6 a.m.3 views

OESA-2023-1894 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used...

6.3CVSS6.5AI score0.00309EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/11/08 12:0 a.m.27 views

NewStart CGSL MAIN 6.06 : qemu Multiple Vulnerabilities (NS-SA-2023-0132)

The remote NewStart CGSL host, running version MAIN 6.06, has qemu packages installed that are affected by multiple vulnerabilities: - In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 fixed, when executing script in...

7.7AI score0.05447EPSS
Exploits1References15
OpenVAS
OpenVAS
added 2023/10/09 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2906)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.01592EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/09/22 12:0 a.m.22 views

SUSE SLES15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-pa / qemu-block-curl / etc (SUSE-SU-2023:3721-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3721-1 advisory. - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. bsc1198712 - CVE-2021-3929: Fixed a...

8.8CVSS7AI score0.01592EPSS
Exploits4References32
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.45 views

Oracle Linux 8 : virt:kvm_utils2 (ELSA-2023-12358)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12358 advisory. - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug: 35305727 CVE-2023-1544 Tenable has extracted the preceding description block direct...

6.3CVSS6.7AI score0.00309EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/08/10 12:0 a.m.31 views

QEMU < 7.2.4 / < 8.0.3 Multiple Vulnerabilites

The version of QEMU installed on the remote Windows host is affected by multiple vulnerabilities, as follows: - A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on...

6.5CVSS6.7AI score0.00309EPSS
Exploits0References5
OSV
OSV
added 2023/05/26 11:5 a.m.4 views

OESA-2023-1298 qemu security update

Security Fixes: A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.CVE-2022-1050...

8.8CVSS7AI score0.00374EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/17 12:0 a.m.62 views

Oracle Linux 9 : qemu-kvm (ELSA-2023-12328)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12328 advisory. - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge...

6.3CVSS6.5AI score0.00309EPSS
Exploits0References2
Rows per page
Query Builder