SUSE SLES15 / openSUSE 15 Security Update : qemu (SUSE-SU-2023:3721-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3721-1 advisory. - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2082)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K50401227: Linux kernel vulnerability CVE-2022-26354

Security Advisory Description A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions = 6.2.0. CVE-2022-26354 Impact There...

SUSE CVE-2022-26354

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions = 6.2.0...

EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2022-2213)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the...

SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2022:2254-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2254-1 advisory. - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc functio...

QEMU: vhost-vsock: missing virtqueue detach on error can lead to memory leak

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : QEMU vulnerabilities (USN-5489-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5489-1 advisory. Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could us...

Debian DLA-2970-1 : qemu - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2970 advisory. Several issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, information disclosure or the the execution of arbitrar...

DEBIAN-CVE-2022-26354

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions = 6.2.0...

CVE-2022-26354

A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions = 6.2.0...