9 matches found
EUVD-2022-39363
Malicious code in bioql PyPI...
CVE-2022-36660
xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify...
CVE-2021-32845 Moby HyperKit uninitialized memory use vtrnd pci_vtrnd_notify
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior of HyperKit, the implementation of qnotify at pci_vtrnd_notify fails to check the return value of vq_getchain. This leads to struct iovec iov; being uninitialized and used to read memory i...
CVE-2021-32845
HyperKit versions 0.20210107 and earlier are affected by a vulnerability in pci_vtrnd_notify where the return value of vq_getchain is not checked. This can result in an uninitialized struct iovec (iov) being used to read memory, potentially causing a guest to crash the host and enable memory corr...
CVE-2022-36660
xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify...
Stack overflow
xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify...
CVE-2022-36660
xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify...
CVE-2022-36660
CVE-2022-36660 affects xhyve at commit dfbe09b, with a stack buffer overflow in the pci_vtrnd_notify() component. The advisory signals a high-severity impact (CVSS 3.1: 9.8) through network access, no user interaction, and high impact to confidentiality, integrity, and availability. A temporary m...
CVE-2022-36660
xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify...