Описание
A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service (DoS) on the host system by causing the QEMU process to terminate unexpectedly.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:10.2.1+ds-1ubuntu2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra-legacy/xenial | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| jammy | not-affected | code not present |
| noble | released | 1:8.2.2+ds-0ubuntu1.13 |
| plucky | ignored | end of life, was deferred [2026-01-15] |
| questing | released | 1:10.1.0+ds-5ubuntu2.4 |
Показывать по
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service (DoS) on the host system by causing the QEMU process to terminate unexpectedly.
A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service (DoS) on the host system by causing the QEMU process to terminate unexpectedly.
A flaw was found in the virtio-crypto device of QEMU. A malicious gues ...
EPSS
5.5 Medium
CVSS3