38 matches found
CVE-2026-13322
A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...
CVE-2026-13322 Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service
A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...
CVE-2026-13322
CVE-2026-13322 affects KubeVirt, specifically the virt-handler on RHEL9, where the downward metrics virtio-serial server uses textproto.Reader.ReadLine() to read guest requests. The read is unbounded: there is no maximum length or read deadline, so a user with access to a VM guest can send an ong...
CVE-2026-13322
A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...
EUVD-2026-39599
A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...
CVE-2026-13322
A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine, which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the...
OESA-2024-1505 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or...
OESA-2024-1494 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or...
UBUNTU-CVE-2024-3446
A double free vulnerability was found in QEMU virtio devices virtio-gpu, virtio-serial-bus, virtio-crypto, where the memreentrancyguard flag insufficiently protects against DMA reentrancy issues. This issue could allow a malicious privileged guest user to crash the QEMU process on the host,...
SUSE CVE-2015-5745
Buffer overflow in the sendcontrolmsg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service QEMU process crash via a crafted virtio control message...
DEBIAN-CVE-2013-4535
The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...
CVE-2013-4535
The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...
Code injection
The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...
CVE-2013-4535
The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...
CVE-2013-4535
QEMU's virtqueue_map_sg in hw/virtio/virtio.c (affected: before 1.7.2) allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read. Root cause is in virtqueue handling; impact is arbitrary code execution with local access. Remediati...
CVE-2015-5745
Buffer overflow in the sendcontrolmsg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service QEMU process crash via a crafted virtio control message...
DEBIAN-CVE-2015-5745
Buffer overflow in the sendcontrolmsg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service QEMU process crash via a crafted virtio control message...
CVE-2015-5745
Buffer overflow in the sendcontrolmsg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service QEMU process crash via a crafted virtio control message...
CVE-2015-5745
CVE-2015-5745: A buffer overflow in QEMU’s virtio-serial device (send_control_msg in hw/char/virtio-serial-bus.c) allows a crafted virtio control message from a guest to crash the QEMU process. Affects QEMU before 2.4.0. Multiple sources (Debian DSA-3349-1; Gentoo GLSA 201602-01; Arista advisory)...
CVE-2015-5745
Buffer overflow in the sendcontrolmsg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service QEMU process crash via a crafted virtio control message...