MiracleLinux 9 : kernel-5.14.0-427.31.1.el9_4 (AXSA:2024-8705:26)

"The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8705:26 advisory. kernel: phy: CVE-2024-26600 kernel: netfilter: multiple flaws CVE-2024-26808, CVE-2024-27065, CVE-2024-35899, CVE-2024-36005 kernel: cifs:...

The vulnerability in the file drivers/net/caif/caif_virtio.c of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the drivers/net/caif/caifvirtio.c file in Linux kernels is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the virtio component in the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the virtio component in the Linux operating system is related to a memory leak in the virtiorpmsgreleasedevice function. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the virtio component in the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the virtio component in the Linux operating system is related to stack overflow. Exploiting this vulnerability can allow an attacker to cause a service failure...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper CVE-2023-52796 In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries CVE-2023-52803 In the Linux...

USN-3125-1 qemu, qemu-kvm vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. CVE-2016-5403 Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the virtqueuepop function in the QEMU hardware/virtio/virtio.c file is related to resource management errors. Exploiting this vulnerability allows a local attacker to cause a service failure e.g., memory consumption, premature termination of the QEMU process by sending reques...

Qemu: virtio: unbounded memory allocation on host via guest leading to DoS

Quick Emulator QEMU built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement results in unbounded memory allocation ...

qemu: virtio: buffer overrun on incoming migration

Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...