91 matches found
Astra Linux – Vulnerability in Qemu
A reentrancy issue related to DMA was discovered in the USB EHCI controller emulation of QEMU. EHCI does not verify whether the Buffer Pointer overlaps with its MMIO region when transferring USB packets. Crafted content may be written to the controller’s registers, potentially triggering...
EUVD-2021-27025
Malware in sbrugna...
EUVD-2016-10698
Malware in sbrugna...
EUVD-2017-18309
Malware in sbrugna...
EUVD-2016-3282
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-25723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory...
CBL Mariner 2.0 Security Update: qemu / qemu-kvm (CVE-2021-3750)
The version of qemu / qemu-kvm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3750 advisory. - A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify ...
ROS-20240606-01
A vulnerability in QEMU's USB EHCI controller emulation is related to the lack of checks if the buffer pointer overlaps with the MMIO register when transmitting USB packets. the buffer pointer overlaps with the MMIO region when transmitting USB packets. Exploitation of the vulnerability could all...
SUSE SLES12: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2024:1395-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1395-1 advisory. - CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free bsc1190011 - CVE-2022-0216: Fixed use-after-free in...
CentOS 9 : qemu-kvm-8.0.0-8.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the qemu-kvm-8.0.0-8.el9 build changelog. - A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with...
QEMU: hcd-ehci: DMA reentrancy issue leads to use-after-free
A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions such as reset whi...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:0404)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0404 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2023-6980)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6980 advisory. - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 - Fixes: CVE-2022-40284 - Fixes: CVE-2021-46790, CVE-2022-30783,...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2023:6980)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6980 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
Rocky Linux 9 : qemu-kvm (RLSA-2022:7967)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7967 advisory. - A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 including. It could occur in fdctrltransferhandler in hw/block/fdc.c...
SUSE SLES15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-oss / qemu-audio-pa / etc (SUSE-SU-2023:3800-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3800-1 advisory. - CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. bsc1198712 - CVE-2021-3929: Fixed an use-after-fr...
SUSE SLES15: qemu / qemu-SLOF / qemu-arm / qemu-audio-alsa / qemu-audio-pa / etc (SUSE-SU-2023:3444-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3444-1 advisory. - CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. bsc1207205 - CVE-2023-3354: Fixed a remote unauthenticated D...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2134)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2082)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.11.0 : qemu (EulerOS-SA-2023-2134)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Bloc...