Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.2 views

MiracleLinux 7 : qemu-kvm-1.5.3-175.el7.1 (AXSA:2020-748:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-748:04 advisory. QEMU: usb: out-of-bounds r/w access issue while processing usb packets CVE-2020-14364 QEMU: slirp: use-after-free in ipreass function in ipinput.c...

7.5CVSS7.3AI score0.05447EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : virt:rhel (AXSA:2020-911:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-911:01 advisory. QEMU: usb: out-of-bounds r/w access issue while processing usb packets CVE-2020-14364 QEMU: slirp: networking out-of-bounds read information disclosu...

6.5CVSS7.5AI score0.05447EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-18377

Malware in sbrugna...

3.2CVSS6.5AI score0.00357EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-10698

Malware in sbrugna...

6.5CVSS6.7AI score0.00367EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-18310

Malware in sbrugna...

5.5CVSS7.1AI score0.0043EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-3614

Malware in sbrugna...

7.1CVSS7.3AI score0.00406EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2021-3750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it...

8.2CVSS7AI score0.0053EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2016-2392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The isrndis function in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects,...

6.5CVSS6.7AI score0.004EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/01/30 1:35 p.m.3 views

QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions such as reset whi...

8.2CVSS7.3AI score0.0053EPSS
Exploits1References6
Microsoft CVE
Microsoft CVE
added 2023/03/10 8:0 a.m.5 views

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

...

8.5CVSS7AI score0.02904EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:48 a.m.4 views

SUSE CVE-2021-3682

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free with faked heap chunk...

6CVSS7.4AI score0.02904EPSS
Exploits0References19
UbuntuCve
UbuntuCve
added 2022/08/17 9:15 p.m.33 views

CVE-2020-14394

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block TRB Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service...

3.2CVSS6.2AI score0.00363EPSS
Exploits1References2
NVD
NVD
added 2021/08/05 8:15 p.m.26 views

CVE-2021-3682

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free with faked heap chunk...

8.5CVSS0.02904EPSS
Exploits0References6
OSV
OSV
added 2021/08/05 8:15 p.m.1 views

DEBIAN-CVE-2021-3682

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free with faked heap chunk...

8.5CVSS6.8AI score0.02904EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2021/06/04 7:0 a.m.3 views

A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single large transfer request to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack resulting in a denial of service.

...

5.5CVSS7AI score0.00371EPSS
Exploits0
Prion
Prion
added 2021/05/26 10:15 p.m.22 views

Design/Logic Flaw

A flaw was found in the USB redirector device usb-redir of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array VLA on the stack...

2.1CVSS5.2AI score0.00371EPSS
Exploits0References8Affected Software3
Microsoft CVE
Microsoft CVE
added 2020/12/08 12:0 a.m.5 views

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host resulting in a denial of service.

...

3.2CVSS7AI score0.00357EPSS
Exploits0
OSV
OSV
added 2020/12/02 1:15 a.m.9 views

CVE-2020-25723

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...

3.2CVSS5.3AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/05 1:11 p.m.2 views

QEMU: usb: out-of-bounds r/w access issue while processing usb packets

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...

5CVSS7.2AI score0.05447EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2020/09/30 9:20 a.m.3 views

QEMU: usb: out-of-bounds r/w access issue while processing usb packets

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...

5CVSS7.2AI score0.05447EPSS
Exploits1References6
Rows per page
Query Builder