PT-2026-1239

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the s390/fpu component related to false-positive Kernel Memory Sanitizer KMSAN reports within the fpu vstl function. This occurs because the 'vstl'...

UBUNTU-CVE-2022-50426

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or stopping, some resources rpmsg device and endpoint have been released in rprocstopsubdevices, then...

CVE-2022-50426 remoteproc: imx_dsp_rproc: Add mutex protection for workqueue

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Add mutex protection for workqueue The workqueue may execute late even after remoteproc is stopped or stopping, some resources rpmsg device and endpoint have been released in rprocstopsubdevices, then...

CVE-2022-50263

In the Linux kernel, the following vulnerability has been resolved: vdpasim: fix memory leak when freeing IOTLBs After commit bda324fd037a "vdpasim: control virtqueue support", vdpasim-iommu became an array of IOTLB, so we should clean the mappings of each free one by one instead of just deleting...

Linux Distros Unpatched Vulnerability : CVE-2022-50058

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a vdpasim:...

Linux Distros Unpatched Vulnerability : CVE-2021-46967

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: vhost-vdpa: fix vmflags for virtqueue doorbell mapping The virtqueue doorbell is usually...

UBUNTU-CVE-2025-38314

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the resultsgsize field of the...

CVE-2025-38314 virtio-pci: Fix result size returned for the admin command completion

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtiopciadmindevpartsget is 8 bytes larger than the actual result data size. This occurs because the resultsgsize field of the...

CVE-2022-50058 vdpa_sim_blk: set number of address spaces and virtqueue groups

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a "vdpasim: control virtqueue support" added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for vdpasimblk. When...

CVE-2022-50058

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: set number of address spaces and virtqueue groups Commit bda324fd037a "vdpasim: control virtqueue support" added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for vdpasimblk. When...

Azure Linux 3.0 Security Update: qemu / qemu-kvm (CVE-2022-26354)

The version of qemu / qemu-kvm installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-26354 advisory. - A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not...

UBUNTU-CVE-2024-53092

In the Linux kernel, the following vulnerability has been resolved: virtiopci: Fix admin vq cleanup by using correct info pointer vpmodernavqcleanup and vpdelvqs clean up admin vq resources by virtiopcivqinfo pointer. The info pointer of admin vq is stored in vpdev-adminvq.info instead of...

OESA-2024-2267 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete /...

SUSE CVE-2024-8612

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete / viritocryptoreqcomplete could be larger than the true size of the data which has been sent to guest. Once virtqueuepush finally...

PT-2024-39133 · Qemu +2 · Qemu +2

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue push as set in virtio scsi complete req, virtio blk req complete, and virtio crypto...

A flaw was found in the vhost-vsock device of QEMU. In case of error an invalid element was not detached from the virtqueue before freeing its memory leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.

...

CVE-2024-42135

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

CVE-2024-42134

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Check if isavq is NULL bug In the virtiopcicommon.c function vpdelvqs, vpdev-isavq is involved to determine whether it is admin virtqueue, but this function vpdev-isavq may be empty. For installations, virtiopcilegacy...

DEBIAN-CVE-2024-42135

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

UBUNTU-CVE-2024-42135

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...