Lucene search
K

26 matches found

SUSE CVE
SUSE CVE
added 2024/10/15 3:8 a.m.6 views

SUSE CVE-2024-6519

A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape...

8.2CVSS6.8AI score0.0025EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2024/10/15 12:0 a.m.5 views

QEMU SCSI Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of QEMU. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the implementation of th...

8.2CVSS7AI score0.0025EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/24 12:0 a.m.44 views

SUSE SLES12: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2024:1395-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1395-1 advisory. - CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free bsc1190011 - CVE-2022-0216: Fixed use-after-free in...

8.2CVSS7AI score0.01606EPSS
Exploits2References16
Tenable Nessus
Tenable Nessus
added 2023/06/07 12:0 a.m.30 views

EulerOS Virtualization 2.11.1 : qemu (EulerOS-SA-2023-2082)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Bloc...

8.8CVSS7.2AI score0.02701EPSS
Exploits9References17
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.46 views

SUSE SLES15: qemu / qemu-SLOF / qemu-arm / qemu-audio-alsa / qemu-audio-pa / etc (SUSE-SU-2023:0840-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0840-1 advisory. - CVE-2022-4144: Fixed unsafe address translation can lead to out-of-bounds read in qxlphys2virt bsc1205808. - CVE-2021-3507: Fixed...

8.8CVSS6.8AI score0.00643EPSS
Exploits5References20
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.47 views

EulerOS Virtualization 2.9.1 : qemu (EulerOS-SA-2023-1212)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Blo...

8.2CVSS7.5AI score0.00643EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2023/01/10 12:0 a.m.41 views

EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2023-1242)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Blo...

8.2CVSS7.5AI score0.00643EPSS
Exploits5References5
Tenable Nessus
Tenable Nessus
added 2023/01/04 12:0 a.m.39 views

EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2022-2925)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Blo...

8.2CVSS7.3AI score0.00643EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2022/12/28 12:0 a.m.49 views

EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2022-2951)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Blo...

8.2CVSS7.3AI score0.00643EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2022/12/12 12:0 a.m.36 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : QEMU vulnerabilities (USN-5772-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5772-1 advisory. It was discovered that QEMU incorrectly handled bulk transfers from SPICE clients. A remote attacker could use this...

8.5CVSS7.1AI score0.02904EPSS
Exploits3References7
Tenable Nessus
Tenable Nessus
added 2022/11/05 12:0 a.m.39 views

Oracle Linux 7 : qemu (ELSA-2022-9978)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9978 advisory. - scsi/lsi53c895a: really fix use-after-free in lsidomsgout CVE-2022-0216 Mauro Matteo Cascella Orabug: 34353672 CVE-2022-0216 - scsi/lsi53c895a: fix...

4.4CVSS6.4AI score0.00405EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/10/28 12:0 a.m.45 views

SUSE SLED15: qemu / qemu-SLOF / qemu-accel-qtest / qemu-accel-tcg-x86 / qemu-arm / etc (SUSE-SU-2022:3795-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3795-1 advisory. - CVE-2022-0216: Fixed a use after free issue found in hw/scsi/lsi53c895a.c. bsc1198038 -...

8.8CVSS6.6AI score0.00636EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2019:13921-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.06169EPSS
Exploits2References18
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2018:3927-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.4AI score0.06169EPSS
Exploits2References2
CNVD
CNVD
added 2021/05/31 12:0 a.m.11 views

QEMU Null Pointer Dereference Vulnerability (CNVD-2021-41094)

QEMU Quick Emulator is a set of simulation processor software by French software developer Fabrice Bellard. The software is fast, cross-platform and other characteristics. A null pointer dereference vulnerability exists in am53c974 SCSI host bus adapter emulation in versions of QEMU prior to 6.0....

4.4CVSS6.2AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 2021/05/28 11:15 a.m.19 views

CVE-2020-35505

A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of...

4.4CVSS6.1AI score
Exploits0References6
Debian CVE
Debian CVE
added 2021/05/28 10:20 a.m.24 views

CVE-2020-35505

A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of...

4.4CVSS5.4AI score0.00315EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2018:3912-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.06169EPSS
Exploits2References9
RedhatCVE
RedhatCVE
added 2020/09/29 2:41 p.m.19 views

CVE-2020-25742

A NULL pointer dereference flaw was found in the LSI53C895A SCSI Host Bus Adapter emulator of QEMU. This flaw occurs while processing 'Memory Move' instructions to move data between DMA memory and I/O address space via lsimemcpy. This flaw allows a guest user or process to crash the QEMU process,...

2.1CVSS4.3AI score0.00467EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/01/07 12:0 a.m.53 views

SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2019:0003-1)

This update for xen fixes the following issues : Update to Xen 4.11.1 bug fix release bsc1027519 CVE-2018-17963: Fixed an integer overflow issue in the QEMU emulator, which could occur when a packet with large packet size is processed. A user inside a guest could have used this flaw to crash the...

9.8CVSS6.7AI score0.04782EPSS
Exploits0References35
Rows per page
Query Builder