3041 matches found
RLSA-2026:39311 Low: qemu-kvm security update
Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Security Fixes: qemu-kvm: Heap buffer overflow in virtio-blk SCSI request handling...
qemu-kvm security update
An update is available for qemu-kvm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kernel-based Virtual Machine KVM is a full virtualization solution for Linux...
CVE-2026-53365
A flaw was found in the Linux kernel's vsock/virtio component. This vulnerability occurs during zerocopy completion for large messages fragmented into multiple socket kernel buffers skbs. An issue in how user arguments uargs are handled for these buffers can lead to pinned user pages not being...
CVE-2026-53365
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix zerocopy completion for multi-skb sends When a large message is fragmented into multiple skbs, the zerocopy uarg is only allocated and attached to the last skb in the loop. Non-final skbs carry pinned user pages...
CVE-2026-53365
CVE-2026-53365 concerns the Linux kernel patch for vsock/virtio zerocopy completion across multi-skb sends. The fix ensures zerocopy uarg is allocated before the send loop and attached to every skb via skb_zcopy_set(), so each skb carries a reference and completion decrements correctly. This prev...
CVE-2026-53365 vsock/virtio: fix zerocopy completion for multi-skb sends
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix zerocopy completion for multi-skb sends When a large message is fragmented into multiple skbs, the zerocopy uarg is only allocated and attached to the last skb in the loop. Non-final skbs carry pinned user pages...
Linux Distros Unpatched Vulnerability : CVE-2026-53365
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: fix zerocopy completion for multi-skb sends When a large message is fragmented into multiple skbs, the zerocopy uarg is only allocated and attache...
OESA-2026-2952 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability, which was classified as critical, has been found in QEMU Virtualization Software version unknown.Using CWE to declare the problem leads to CWE-190. The product performs a...
OESA-2026-2951 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high...
Linux Distros Unpatched Vulnerability : CVE-2026-3886
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A design error vulnerability has been identified in QEMU. This issue affects the virtio-gpu driver. CVE-2026-3886 Note that Nessus relies on the presence of the...
SUSE-SU-2026:2799-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-10263: arm64: cputype: Add C1-Ultra definitions bsc1266290. - CVE-2025-40216: iouring/rsrc: don't rely on user vaddr alignment bsc1259764. - CVE-2025-40341:...
Medium: qemu
Issue Overview: A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request...
OPENSUSE-SU-2026:21253-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 10.0.11. Security issues fixed: - CVE-2026-3886: integer overflow leading to privilege escalation due to lack of proper validation of user-supplied data in the virtio-gpu driver bsc1268061. - CVE-2026-48914: heap buffer overflow d...
SUSE-SU-2026:22550-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 10.0.11. Security issues fixed: - CVE-2026-3886: integer overflow leading to privilege escalation due to lack of proper validation of user-supplied data in the virtio-gpu driver bsc1268061. - CVE-2026-48914: heap buffer overflow d...
SUSE-SU-2026:22576-1 Security update for qemu
This update for qemu fixes the following issues: Update to version 10.0.11. Security issues fixed: - CVE-2026-3886: integer overflow leading to privilege escalation due to lack of proper validation of user-supplied data in the virtio-gpu driver bsc1268061. - CVE-2026-48914: heap buffer overflow d...
OESA-2026-2861 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A vulnerability, which was classified as critical, has been found in QEMU Virtualization Software version unknown.Using CWE to declare the problem leads to CWE-190. The product performs a...
USN-8498-1 linux-nvidia-tegra vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
USN-8492-2 linux-aws-6.8, linux-gcp-6.8, linux-gke, linux-gkeop, linux-ibm-6.8, linux-nvidia-lowlatency, linux-oracle-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; -...
drm/virtio: Fix driver removal with disabled KMS
...
Linux Distros Unpatched Vulnerability : CVE-2026-53347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio- gpu driver built with disabled KMS, leading to access ...