114 matches found
CVE-2026-48914
A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...
CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling
A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...
CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling
A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an...
Linux Distros Unpatched Vulnerability : CVE-2026-48914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. ...
CVE-2025-33215
NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...
CVE-2025-33215
NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...
CVE-2025-33215
NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...
CVE-2025-33215
NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...
CVE-2025-33215
NVIDIA SNAP-4 Container contains a vulnerability in the VIRTIO-BLK component where a malicious guest VM may cause use of out-of-range pointer offset by sending crafted messages. A successful exploit of this vulnerability may lead to a denial of service of the DPA and impact the availability of...
NVIDIA SNAP-4 Container 安全漏洞
NVIDIA SNAP-4 Container is a containerized operating environment component provided by NVIDIA Corporation in the United States, offering high-performance computing and acceleration capabilities. There is a security vulnerability in NVIDIA SNAP-4 Container, which stems from an out-of-bound pointer...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2026-1195)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2011-1749
Malware in sbrugna...
EUVD-2024-53849
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-38314
In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the resultsgsize field of the...
CVE-2022-50064
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...
UBUNTU-CVE-2022-50064
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...
CVE-2022-50064
CVE-2022-50064 involves a use-after-free in the Linux kernel’s virtio-blk path. The issue arises because hctx->user_data is assigned to vq in virtblk_init_hctx(), but vq is freed during suspend and reallocated on resume, making hctx->user_data invalid after resume and capable of causing a k...
CVE-2022-50064
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...
CVE-2022-50064 virtio-blk: Avoid use-after-free on suspend/resume
In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx-userdata is set to vq in virtblkinithctx. However, vq is freed on suspend and reallocated on resume. So, hctx-userdata is invalid after resume, and it will cause...
PT-2025-25990 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A use-after-free issue in the Linux kernel has been identified, specifically in the virtio-blk component. The issue occurs when the hctx-user data is set to vq in virtblk init hctx, bu...