3007 matches found
CVE-2026-3195
CVE-2026-3195 : In QEMU’s virtio-snd, the heap buffer overflow occurs in the input callback (virtio_snd_pcm_in_cb) due to an incomplete bounds/iov check. The Attackerkb entry reiterates that the function does not verify whether the iov can fit the data buffer, enabling a heap out-of-bounds write....
CVE-2026-3195 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
CVE-2026-3195
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
EUVD-2026-38043
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
CVE-2026-3195
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
CVE-2026-3195 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
CVE-2026-3196 Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
EUVD-2026-38042
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
CVE-2026-3196
CVE-2026-3196 describes an integer overflow in the virtio-snd device triggered by PCM_INFO requests from a guest, causing unbounded host memory allocation and potential denial-of-service. Documented in multiple feeds (CVE listing, AttackersKB, OSV/Nessus advisories) indicates the vulnerability af...
CVE-2026-3196
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
CVE-2026-3196
An integer overflow vulnerability was found in the virtio-snd device via PCMINFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition...
Astra Linux – Vulnerability in Linux 5.15
The rpmsgprobe function in the drivers/rpmsg/virtiorpmsgbus.c file in the Linux kernel, prior to version 5.18.4, contains a double-free issue...
Astra Linux – Vulnerability in Linux 5.15
A flaw was discovered in vDPA with the VDUSE backend. Currently, there are no checks in the VDUSE kernel driver to ensure that the size of the device configuration space is consistent with the features advertised by the VDUSE user-space application. In the event of a mismatch, the Virtio driver...
Astra Linux – Vulnerability in Linux 5.15
The function rpmsgvirtioaddctrldev in the file drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel, prior to version 5.18.4, contains a double-free...
Siemens RUGGEDCOM RST2428P Missing Synchronization (CVE-2026-23229)
In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...
Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling
...
CVE-2026-46655
A flaw was found in virtio-win. A low-integrity process can issue an IOCTL request to viosock.sys!VIOSockSelect with a maliciously crafted request that causes an integer overflow. This allows the process to circumvent bounds checking, resulting in a heap overflow in the NonPagedPool kernel heap...
SUSE SLED15 / SLES15 Security Update : qemu (SUSE-SU-2026:2385-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2385-1 advisory. - CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when...
Security update for qemu
This update for qemu fixes the following issues: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. CVE-2026-2243: incorrect bounds check leads to heap...
SUSE-SU-2026:2386-1 Security update for qemu
This update for qemu fixes the following issues: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to hea...