207 matches found
CVE-2025-14876 Qemu-kvm: unbounded allocation in virtio-crypto
A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service DoS on the host system by causing the QEMU process to terminate...
EUVD-2016-10439
Malware in sbrugna...
EUVD-2013-4395
Malware in sbrugna...
EUVD-2017-11794
Malware in sbrugna...
EUVD-2017-6745
Malware in sbrugna...
EUVD-2017-9183
Malware in sbrugna...
EUVD-2021-26721
Malware in sbrugna...
EUVD-2020-6485
Malware in sbrugna...
EUVD-2017-15275
Malware in sbrugna...
EUVD-2017-15274
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-3929
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A DMA reentrancy issue was found in the NVM Express Controller NVME emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentran...
Linux Distros Unpatched Vulnerability : CVE-2020-14339
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged...
Linux Distros Unpatched Vulnerability : CVE-2013-4536
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An user able to alter the savevm data either on the disk or over the wire during migration could use this flaw to to corrupt QEMU process memory on the...
Linux Distros Unpatched Vulnerability : CVE-2015-5745
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the sendcontrolmsg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service QEMU process...
Linux Distros Unpatched Vulnerability : CVE-2020-14394
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block TRB Ring. This flaw allows...
CBL Mariner 2.0 Security Update: qemu / qemu-kvm (CVE-2021-4207)
The version of qemu / qemu-kvm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-4207 advisory. - A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled...
Advisory ROSA-SA-2024-2355
Software: libvirt 6.0.0 OS: ROSA Virtualization 2.1 packageevrstring: libvirt-6.0.0-28.module+el8.3.0+7827+5e65edd7.src.rpm CVE-ID: CVE-2020-14339 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability was discovered in libvirt that caused the /dev/mapper/control file descriptor to be exposed to...
EulerOS Virtualization 2.11.1 : qemu (EulerOS-SA-2023-3064)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the 9p passthrough filesystem 9pfs implementation in QEMU. The 9pfs server did not prohibit opening special file...
F5 Networks BIG-IP : QEMU vulnerability (K41142448)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K41142448 advisory. ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash th...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2134)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...