Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| qemu | unfixed | package | ||
| qemu | no-dsa | trixie | package | |
| qemu | no-dsa | bookworm | package |
Примечания
https://lore.kernel.org/qemu-devel/20260220-virtio-snd-series-v1-0-207c4f7200a2@linaro.org/
Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/61679d7dcfa2dffc8fb115aa19b09e0e7cf5ea5c
Связанные уязвимости
CVSS3: 5.5
redhat
около 1 месяца назад
An integer overflow vulnerability was found in the virtio-snd device via PCM_INFO requests from the guest. A malicious guest can provide out-of-bounds stream counts, potentially leading to unbounded memory allocation on the host and a denial of service condition.