18 matches found
EUVD-2024-48876
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-7409
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a clie...
Linux Distros Unpatched Vulnerability : CVE-2017-9524
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The qemu-nbd server in QEMU aka Quick Emulator, when built with the Network Block Device NBD Server support, allows remote attackers to cause a denial of servic...
SUSE-SU-2024:3744-1 Security update for qemu
This update for qemu fixes the following issues: Security fixes: - CVE-2024-8354: Fixed assertion failure in usbepget bsc1230834 - CVE-2024-8612: Fixed information leak in virtio devices bsc1230915 Update version to 8.2.7: Security fixes: - CVE-2024-7409: Fixed denial of service via improper...
SUSE SLED15: qemu / qemu-SLOF / qemu-accel-qtest / qemu-accel-tcg-x86 / qemu-arm / etc (SUSE-SU-2024:2983-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2983-1 advisory. - CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command bsc1227322 -...
AZL-60916 CVE-2024-7409 affecting package qemu for versions less than 8.2.0-19
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...
DEBIAN-CVE-2024-7409
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...
CVE-2024-7409 Qemu: denial of service via improper synchronization in qemu nbd server during socket closure
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline...
PT-2024-6082
Name of the Vulnerable Software and Affected Versions QEMU NBD Server affected versions not specified Description A flaw was found in the QEMU NBD Server, allowing a denial of service DoS attack via improper synchronization during socket closure when a client keeps a socket open as the server is...
K31501591: QEMU vulnerability CVE-2017-15118
Security Advisory Description A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu...
SUSE CVE-2017-15118
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requir...
Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2021-1046)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort
Quick Emulator QEMU built with the Network Block Device NBD Server support is vulnerable to a crash via a SIGPIPE signal. The crash can occur if a client aborts a connection due to any failure during negotiation or read operation. A remote user/process could use this flaw to crash the qemu-nbd...
Fedora 26 : xen (2017-b7f1197c23)
Qemu: usb: ohci: infinite loop due to incorrect return value CVE-2017-9330 1457698 Qemu: nbd: segmentation fault due to client non-negotiation CVE-2017-9524 1460173 Qemu: qemu-nbd: server breaks with SIGPIPE upon client abort CVE-2017-10664 1466466 Qemu: exec: oob access during dma operation...
[SECURITY] [DLA 1071-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u23 CVE ID : CVE-2017-6505 CVE-2017-8309 CVE-2017-10664 CVE-2017-11434 Multiple vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick EmulatorQemu. CVE-2017-6505...
Debian DSA-3920-1 : qemu - security update
Multiple vulnerabilities were found in qemu, a fast processor emulator : - CVE-2017-9310 Denial of service via infinite loop in e1000e NIC emulation. - CVE-2017-9330 Denial of service via infinite loop in USB OHCI emulation. - CVE-2017-9373 Denial of service via memory leak in IDE AHCI emulation....
DEBIAN-CVE-2017-9524
The qemu-nbd server in QEMU aka Quick Emulator, when built with the Network Block Device NBD Server support, allows remote attackers to cause a denial of service segmentation fault and server crash by leveraging failure to ensure that all initialization occurs before talking to a client in the...
Important: Red Hat Security Advisory: qemu-kvm security update
An update for qemu-kvm is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...