CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•9 views

Astra Linux - уязвимость в qemu

An information disclosure vulnerability was discovered in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw resides in the virglcmdgetcapsetinfo function in contrib/vhost-user-gpu/virgl.c, and can occur due to the reading of uninitialized memory...

6.5CVSS6.7AI score0.00151EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в qemu

Several memory leaks were discovered in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. These leaks occur in the contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c files, due to improper release of memory i.e., freeing it after...

6.5CVSS6.7AI score0.00032EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в qemu

A out-of-bounds write vulnerability was discovered in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. This flaw occurs during the processing of the ‘VIRTIOGPUCMDGETCAPSET’ command from the guest. It could allow a privileged guest user to crash the QEMU...

8.2CVSS7.1AI score0.00172EPSS

Exploits0References2

Microsoft CVE•added 2025/10/02 6:11 a.m.•2 views

Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime.

...

6.5CVSS7AI score0.00032EPSS

Exploits0

SUSE CVE•added 2023/02/15 3:49 a.m.•3 views

SUSE CVE-2021-3545

An information disclosure vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw exists in virglcmdgetcapsetinfo in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest...

5CVSS6.5AI score0.00151EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 3:49 a.m.•3 views

SUSE CVE-2021-3544

Several memory leaks were found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory i.e., free after effective lifetime...

5CVSS7AI score0.00032EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 3:49 a.m.•1 views

SUSE CVE-2021-3546

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIOGPUCMDGETCAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on t...

6.5CVSS7.5AI score0.00172EPSS

Exploits0References7

Tenable Nessus•added 2021/12/01 12:0 a.m.•96 views

Oracle Linux 8 : kvm_utils (ELSA-2021-9568)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9568 advisory. - In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. CVE-2020-15469 - A flaw was foun...

8.2CVSS7.2AI score0.00305EPSS

Exploits3References15

Veracode•added 2021/08/12 3:39 p.m.•11 views

Information Disclosure

qemu is vulnerable to information disclosure. The vulnerability was found in the virtio vhost-user GPU device due to a flaw in virglcmdgetcapsetinfo in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory...

6.5CVSS5.9AI score0.00151EPSS

Exploits0References6Affected Software5