60 matches found
OESA-2026-2557 kata-containers security update
This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: 'This vulnerability was fixed in Kata Containers 3.31.0:', 'Description:\n\nIn the runtime-rs standalone virtio-fs path, Kata Containers runs virtiofsd\nas root with --sandbox none --seccom...
EUVD-2020-3146
Malware in sbrugna...
EUVD-2020-23184
Malware in sbrugna...
EUVD-2022-15514
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-53219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following...
Linux Distros Unpatched Vulnerability : CVE-2022-0358
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user c...
Linux Distros Unpatched Vulnerability : CVE-2021-20263
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the virtio-fs shared file system daemon virtiofsd of QEMU. The new 'xattrmap' option may cause the 'security.capability' xattr in the guest ...
Linux Distros Unpatched Vulnerability : CVE-2020-10717
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A potential DoS flaw was found in the virtio-fs shared file system daemon virtiofsd implementation of the QEMU version = v5.0. Virtio-fs is meant to share a hos...
CVE-2024-53219
In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...
AZL-67605 CVE-2024-53219 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...
CBL Mariner 2.0 Security Update: qemu / qemu-kvm (CVE-2022-0358)
The version of qemu / qemu-kvm installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-0358 advisory. - A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw...
Linux kernel security vulnerabilities
The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from a memory leak in virtiofsprobe...
[SECURITY] Fedora 38 Update: virtiofsd-1.10.1-1.fc38
Virtio-fs vhost-user device daemon Rust version...
[SECURITY] Fedora 39 Update: virtiofsd-1.10.1-1.fc39
Virtio-fs vhost-user device daemon Rust version...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:0711)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:0711 advisory. - A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to creat...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2022:0886)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0886 advisory. - A flaw was found in the QEMU virtio-fs shared file system daemon virtiofsd implementation. This flaw is strictly related to CVE-2018-13405. A local guest user...
[SECURITY] Fedora 38 Update: virtiofsd-1.7.0-4.fc38
Virtio-fs vhost-user device daemon Rust version...
EulerOS Virtualization 2.11.1 : qemu (EulerOS-SA-2023-2082)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Bloc...
EulerOS Virtualization 2.11.0 : qemu (EulerOS-SA-2023-2134)
According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Bloc...
SUSE CVE-2020-35517
A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system daemon where a privileged guest user is able to create a device special file in the shared directory and use it to r/w access host devices...