25 matches found
SUSE-SU-2026:21912-1 Security update for qemu
This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...
SUSE-SU-2026:21354-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 10.0.9. Security issues fixed: - CVE-2026-3196: unbounded memory allocation and host denial-of-service via PCMINFO requests sent from the guest bsc1259079. - CVE-2026-3195: heap out-of-bounds write when reading input audio in the...
OPENSUSE-SU-2026:20567-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 10.0.9. Security issues fixed: - CVE-2026-3196: unbounded memory allocation and host denial-of-service via PCMINFO requests sent from the guest bsc1259079. - CVE-2026-3195: heap out-of-bounds write when reading input audio in the...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : QEMU vulnerabilities (USN-8161-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8161-1 advisory. It was discovered that the LSI53C895A SCSI Host Bus Adapter implementation of QEMU incorrectly handled memory. An attacker inside the...
OESA-2026-1847 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer,...
OESA-2026-1846 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer,...
OESA-2026-1845 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer,...
USN-8161-1 qemu vulnerabilities
It was discovered that the LSI53C895A SCSI Host Bus Adapter implementation of QEMU incorrectly handled memory. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2024-6519 It was discovered...
UBUNTU-CVE-2026-3196
two potential OOB memory accesses in virtio-snd...
CVE-2026-3196
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
Azure Linux 3.0 Security Update: qemu (CVE-2024-7730)
The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7730 advisory. - A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio- snd...
EUVD-2024-48607
Malicious code in bioql PyPI...
Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb()
...
Astra Linux - уязвимость в qemu
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
OESA-2024-2414 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov...
CVE-2024-7730
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
DEBIAN-CVE-2024-7730
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
AZL-60907 CVE-2024-7730 affecting package qemu for versions less than 8.2.0-16
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
CVE-2024-7730
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtiosndpcmincb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element...
CVE-2024-7730
CVE-2024-7730 references a heap buffer overflow in the QEMU virtio-snd device. The vulnerability arises when reading input audio in virtio_snd_pcm_in_cb, where the iov isn’t validated to fit the data buffer, enabling an out-of-bounds write if the virtio queue element size equals virtio_snd_pcm_st...