3 matches found
Oracle Linux 9 : qemu-kvm (ELSA-2024-12674)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12674 advisory. - hw/virtio/virtio-crypto: Protect from DMA re-entrancy bugs Philippe Mathieu-Daude Orabug: 36869694 CVE-2024-3446 - hw/char/virtio-serial-bus: Protec...
The vulnerability of the `register_vfs()` function (hw/pci/pcie_sriov.c) in the QEMU hardware/software emulator allows a attacker to cause a service failure.
The vulnerability of the registervfs function in the hw/pci/pciesriov.c file of the QEMU hardware emulation software is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
Buffer overflow
An issue was discovered in QEMU 7.1.0 through 8.2.1. registervfs in hw/pci/pciesriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations...