28 matches found
ROS-20251106-09
A vulnerability in the QEMU hardware emulator is related to the incorrect release and use of the irqfd for vector 0 during boot time in QEMU Virtio PCI Bindings hw/virtio/virtio/pci.c. Exploitation of the of the vulnerability could allow an attacker to cause a denial of service...
EUVD-2025-22565
Malicious code in bioql PyPI...
CVE-2025-38346 ftrace: Fix UAF when lookup kallsym after ftrace disabled
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd671067 PMD 101808067 PTE...
The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueue_push() function allows a attacker to disclose sensitive information.
The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueuepush function is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose protected information through the...
CVE-2025-21868
CVE-2025-21868 affects the Linux kernel networking path that manages small head cache and large MAX_SKB_FRAGS values. The issue arises when a specific revert and page-frag allocator behavior causes a splat in netif_napi_add_weight_locked during initialization, with the root cause tied to the smal...
Linux Distros Unpatched Vulnerability : CVE-2024-53168
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket BUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0 Read of size 1 at addr...
Linux Distros Unpatched Vulnerability : CVE-2022-36648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu an...
CVE-2024-44959
The CVE-2024-44959 entry concerns the Linux kernel tracefs component. It describes a root cause in the in-kernel memory reclaim path where structure layout randomization of struct inode can cause overlapping or misused RCU fields during freeing, potentially triggering list corruption (list_del) a...
The vulnerability of the virtio-net interface in the QEMU hardware emulation software allows a attacker to trigger a service failure.
The vulnerability of the virtio-net emulator’s hardware emulation interface of QEMU is related to the asynchronous nature of the shutdown process, which allows for scenarios of “racing.” Exploiting this vulnerability can enable a perpetrator to cause a service failure...
The vulnerability of the input/output requests for the mptsas_free_request() SCSI function in the QEMU hardware emulation software allows a attacker to cause a service failure.
The vulnerability of the input/output requests for the mptsasfreerequest function in the QEMU hardware emulation software is related to the use of memory after it is freed. Exploiting this vulnerability allows a attacker to cause a service failure...
The vulnerability of the QEMU hardware emulation software, related to pointer swapping errors, allows a hacker to trigger a service failure.
The vulnerability of the QEMU hardware emulation software is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to trigger a service failure...
The vulnerability of the QEMU hardware emulation software, related to access to an uninitialized pointer, allows a hacker to trigger a service failure.
The vulnerability of the QEMU hardware emulation software is related to access to an uninitialized pointer. Exploiting this vulnerability can allow a malicious actor to cause a system failure...
The vulnerability of the lsi_do_msgout function in the QEMU hardware emulation software allows a hacker to trigger a service failure.
The vulnerability of the lsidomsgout function hw/scsi/lsi53c895a.c in the QEMU hardware emulation software is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability in the block/iscsi.c component of the QEMU hardware emulation software involves reading data beyond the allowed buffer limits, allowing an attacker to access confidential data.
The vulnerability in the block/iscsi.c component of the QEMU hardware emulation software involves reading data from beyond the allowable buffer size. Exploiting this vulnerability can allow an attacker to access confidential data...
The vulnerability of the QEMU hardware emulation software, related to pointer swapping errors, allows a hacker to trigger a service failure.
The vulnerability of the QEMU hardware emulation software is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the QEMU hardware emulation software lies in the lack of a necessary encryption step, which allows attackers to gain access to confidential data.
The vulnerability of the QEMU hardware emulation software is related to a implementation error in the handling of pointer authentication. Exploiting this vulnerability can allow an attacker to gain access to confidential data...
The vulnerability of the e1000e wireless bridge in the hardware emulation software QEMU, related to the use of memory after it is freed, allows a hacker to trigger a service failure.
The vulnerability of the e1000e wireless bridge in the QEMU hardware emulation software is related to the use of memory after it is freed. Exploiting this vulnerability can allow a hacker to cause a system failure...
The vulnerability of several functions in hw/usb/core.c of the QEMU hardware emulation software involves allowing operations to exceed the permissible buffer data size. This allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of several functions in the hw/usb/core.c file of the QEMU hardware emulation software is related to the execution of operations that exceed the permissible buffer data size. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrit...
The vulnerability of the QEMU hardware emulation software, related to the swapping of the zero pointer, allows a hacker to trigger a service failure.
The vulnerability of the QEMU hardware emulation software is related to the swapping of the zero pointer. Exploiting this vulnerability can allow an attacker to trigger a service failure...
The vulnerability in the `hw/rdma/vmw/pvrdma_cmd.c` component of the PVRDMA virtual network adapter driver allows a hacker to trigger a service failure.
The vulnerability in the hw/rdma/vmw/pvrdmacmd.c component of the PVRDMA virtual network adapter’s hardware emulation software, QEMU, is related to pointer assignment errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure by creating CQ/QP objects...