83 matches found
Security update for virtiofsd
This update for virtiofsd fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257912. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2026:0816-1 Security update for virtiofsd
This update for virtiofsd fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257912...
MiracleLinux 8 : virt:rhel (AXSA:2021-1567:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1567:01 advisory. QEMU: virtiofsd: potential privileged host device access from guest CVE-2020-35517 Tenable has extracted the preceding description block directly from the...
EUVD-2021-7699
Malicious code in bioql PyPI...
CVE-2024-43806 affecting package virtiofsd for versions less than 1.8.0-3
CVE-2024-43806 affecting package virtiofsd for versions less than 1.8.0-3. A patched version of the package is available...
CVE-2024-43806 affecting package virtiofsd for versions less than 1.8.0-3
CVE-2024-43806 affecting package virtiofsd for versions less than 1.8.0-3. A patched version of the package is available...
virtiofsd bug fix and enhancement update
An update is available for virtiofsd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9....
Fedora: Security Advisory (FEDORA-2023-eb87748e07)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-9974808629)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AZL-48312 CVE-2024-43806 affecting package virtiofsd for versions less than 1.8.0-3
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
AZL-48318 CVE-2024-43806 affecting package virtiofsd for versions less than 1.8.0-3
Rustix is a set of safe Rust bindings to POSIX-ish APIs. When using rustix::fs::Dir using the linuxraw backend, it's possible for the iterator to "get stuck" when an IO error is encountered. Combined with a memory over-allocation issue in rustix::fs::Dir::readmore, this can cause quick and...
A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system.
...
OPENSUSE-SU-2024:13645-1 virtiofsd-1.10.1-1.1 on GA media
These are all security issues fixed in the virtiofsd-1.10.1-1.1 package on the GA media of openSUSE Tumbleweed...
virtiofsd bug fix and enhancement update
An update is available for virtiofsd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9....
Fedora: Security Advisory for virtiofsd (FEDORA-2024-f2305d485f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for virtiofsd (FEDORA-2024-04877592b7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : firecracker / virtiofsd (2023-8e6ae98f81)
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-8e6ae98f81 advisory. Rebuild dependent packages for vm-memory v0.12.2 to address CVE-2023-41051 / RUSTSEC-2023-0056. - https://vulners.com/cve/CVE-2023-41051 -...
Fedora: Security Advisory for virtiofsd (FEDORA-2023-c19aaa2283)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: virtiofsd-1.7.0-4.fc39
Virtio-fs vhost-user device daemon Rust version...
Fedora: Security Advisory for virtiofsd (FEDORA-2023-8e6ae98f81)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...