Astra Linux – Vulnerability in Qemu

A NULL pointer dereference flaw was discovered in the floppy disk emulator of QEMU. This issue occurs when processing read/write ioport commands, especially if the selected floppy drive is not initialized using a block device. This flaw allows a privileged guest user to crash the QEMU process on...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003661)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003661 advisory. In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setupformatparams division-by-zero. Two consecutive ioctls can trigger the bug...

EUVD-2021-7642

Malicious code in bioql PyPI...

A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or potential information leakage from the host memory.

...

Linux Distros Unpatched Vulnerability : CVE-2019-14284

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a denial of service by setupformatparams division-by-zero. Two consecutive ioctls can trigger th...

Linux Distros Unpatched Vulnerability : CVE-2019-14283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.2.3, setgeometry in drivers/block/floppy.c does not validate the sect and head fields, as demonstrated by an integer overflow and...

SUSE CVE-2021-3507

A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 including. It could occur in fdctrltransferhandler in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU...

QEMU: block: fdc: null pointer dereference may lead to guest crash

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulti...

DEBIAN-CVE-2021-20196

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulti...

UBUNTU-CVE-2021-20196

A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulti...

DEBIAN-CVE-2015-3456

The Floppy Disk Controller FDC in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service out-of-bounds write and guest crash or possibly execute arbitrary code via the 1 FDCMDREADID, 2 FDCMDDRIVESPECIFICATIONCOMMAND, or other unspecified commands, ak...