Download
| Alert*
|
oval:org.secpod.oval:def:708254
qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:1701515 There is a vulnerability in the lsi53c895a device which affects the latest version of qemu. The carefully designed PoC can repeatedly trigger DMA writes but does not limit the addresses written to the DMA, resulting in reentrancy issues and eventually overflow oval:org.secpod.oval:def:1701426 A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU pr ... oval:org.secpod.oval:def:89050951 This update for qemu fixes the following issues: * CVE-2023-3180: Fixed a buffer overflow in the virtio-crypto device . * CVE-2021-3750: Fixed a DMA reentrancy in the USB EHCI device that could lead to use-after-free . * CVE-2021-3638: Fixed a buffer overflow in the ati-vga device . * CVE-2023-3354: ... oval:org.secpod.oval:def:3301632 Security update for qemu oval:org.secpod.oval:def:89049321 This update for qemu fixes the following issues: * CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. * CVE-2023-3354: Fixed a remote unauthenticated DoS due to an improper I/O watch removal in VNC TLS handshake. * CVE-2023-3180: Fixed a heap buffer overflow in virtio_crypto_sym_ ... oval:org.secpod.oval:def:89049163 This update for qemu fixes the following issues: * CVE-2021-4207: Fixed double fetch in qxl_cursor that could lead to heap buffer overflow . * CVE-2023-0330: Fixed DMA reentrancy issue that could lead to stack overflow . * CVE-2023-2861: Fixed improper access control on special files . oval:org.secpod.oval:def:3301702 Security update for qemu oval:org.secpod.oval:def:90540 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:90541 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:93272 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:89049568 This update for qemu fixes the following issues: * CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. * CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. * CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. * CVE-2020-13754: Fixed ... oval:org.secpod.oval:def:89049413 This update for qemu fixes the following issues: * CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. * CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. * CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. * CVE-2020-13754: Fixed ... oval:org.secpod.oval:def:89051798 This update for qemu fixes the following issues: * CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free * CVE-2022-0216: Fixed use-after-free in lsi_do_msgout function in hw/scsi/lsi53c895a.c * CVE-2023-0330: Fixed DMA reentrancy issue that could lead to stack overflow * CV ... oval:org.secpod.oval:def:89049184 This update for qemu fixes the following issues: * CVE-2023-3301: Fixed incorrect cleanup of the vdpa/vhost-net structures if peer nic is present . * CVE-2023-0330: Fixed reentrancy issues in the LSI controller . * CVE-2023-2861: Fixed opening special files in 9pfs . * CVE-2023-3255: Fixed infinite ... |
