Astra Linux – Vulnerability in Qemu

A flaw was discovered in QEMU, specifically in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size of virtqueuepush, as specified in virtioscsicompletereq, virtioblkreqComplete, and viritocryptoreqComplete, might be larger than the actual size of the data that has been sent to the...

The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueue_push() function allows a attacker to disclose sensitive information.

The vulnerability of the virtio-scsi, virtio-blk, and virtio-crypt components of the QEMU hardware emulation driver’s virtqueuepush function is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to disclose protected information through the...

OESA-2024-2267 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete /...

SUSE CVE-2024-8612

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete / viritocryptoreqcomplete could be larger than the true size of the data which has been sent to guest. Once virtqueuepush finally...

PT-2024-39133 · Qemu +2 · Qemu +2

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue push as set in virtio scsi complete req, virtio blk req complete, and virtio crypto...