EUVD-2022-30912

Malicious code in bioql PyPI...

EUVD-2024-47589

Malicious code in bioql PyPI...

CBL Mariner 2.0 Security Update: qemu (CVE-2024-6505)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6505 advisory. - A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card...

QEMU Buffer Error Vulnerability

QEMU Quick Emulator is a suite of simulation processor software by Fabrice Bellard, an individual developer in France. The software is fast and cross-platform. QEMU suffers from a buffer error vulnerability that stems from a problem with the component virtio-net Device, which can lead to an...

Stack overflow

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...

CVE-2023-6693

A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtionetflushtx function if guest features VIRTIONETFHASHREPORT, VIRTIOFVERSION1 and VIRTIONETFMRGRXBUF are enabled. This could allow a malicious user to overwrite local variables...

PT-2024-4389 · Qemu +10 · Qemu +10

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio net flush tx function if guest features VIRTIO NET F HASH REPORT,...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2082)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2134)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2898)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2880)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.10.0 : qemu (EulerOS-SA-2022-2880)

According to the versions of the qemu packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the...

Oracle Linux 9 : qemu-kvm (ELSA-2022-9869)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9869 advisory. - A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursoralloc function can lead to the allocation of a small...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : QEMU vulnerabilities (USN-5489-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5489-1 advisory. Alexander Bulekov discovered that QEMU incorrectly handled floppy disk emulation. A privileged attacker inside the guest could us...

Design/Logic Flaw

A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to unmap the cached virtqueue elements on error, leading to memory leakage and other unexpected results. Affected QEMU version: 6.2.0...

CVE-2022-26353

CVE-2022-26353 affects QEMU’s virtio-net device. Root cause: after CVE-2021-3748 fix, cached virtqueue elements aren’t unmapped on error, causing memory leakage. Affected versions include QEMU 6.2.0 and older builds (e.g., packages listed as

USN-5307-1 qemu vulnerabilities

Gaoning Pan discovered that QEMU incorrectly handled the floppy disk emulator. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2021-20196 Gaoning Pan discovered that the QEMU vmxnet3 NIC emulator incorrectly handled certain values. A...

USN-2828-1: QEMU vulnerabilities

Jason Wang discovered that QEMU incorrectly handled the virtio-net device. A remote attacker could use this issue to cause guest network consumption, resulting in a denial of service. CVE-2015-7295 Qinghao Tang and Ling Liu discovered that QEMU incorrectly handled the pcnet driver when used in...