Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/06 12:0 a.m.52 views

Ubuntu 20.04 LTS / 22.04 LTS : QEMU regression (USN-6567-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6567-2 advisory. USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in...

7.1CVSS6.3AI score0.00376EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/01/09 12:0 a.m.38 views

Ubuntu: Security Advisory (USN-6567-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7AI score0.01891EPSS
Exploits5References2
Ubuntu
Ubuntu
added 2024/01/08 5:46 p.m.74 views

USN-6567-1: QEMU vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

8.8CVSS7.1AI score0.01891EPSS
Exploits5
OSV
OSV
added 2023/03/23 12:0 a.m.21 views

CVE-2023-1544 Qemu: pvrdma: out-of-bounds read in pvrdma_ring_next_elem_read()

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...

6CVSS6.6AI score0.00309EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.46 views

SUSE SLES15: qemu / qemu-SLOF / qemu-arm / qemu-audio-alsa / qemu-audio-pa / etc (SUSE-SU-2023:0840-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0840-1 advisory. - CVE-2022-4144: Fixed unsafe address translation can lead to out-of-bounds read in qxlphys2virt bsc1205808. - CVE-2021-3507: Fixed...

8.8CVSS6.8AI score0.00643EPSS
Exploits5References20
Tenable Nessus
Tenable Nessus
added 2022/05/05 12:0 a.m.26 views

EulerOS Virtualization 2.9.0 : qemu (EulerOS-SA-2022-1623)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs while handling a 'PVRDMACMDCREATEM...

6.5CVSS6.8AI score0.00386EPSS
Exploits1References2
Prion
Prion
added 2022/02/24 7:15 p.m.23 views

Integer overflow

An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMAREGDSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a lar...

4.9CVSS5.7AI score0.00299EPSS
Exploits0References5Affected Software3
Debian CVE
Debian CVE
added 2022/02/24 6:50 p.m.45 views

CVE-2021-3607

An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMAREGDSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest user to make QEMU allocate a lar...

6CVSS6.6AI score0.00299EPSS
Exploits0
OSV
OSV
added 2021/06/18 12:0 a.m.5 views

UBUNTU-CVE-2021-3608

A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMAREGDSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The...

6CVSS6.6AI score0.00363EPSS
Exploits0References4
Rows per page
Query Builder