Количество 16
Количество 16
BDU:2024-04886
Уязвимость интерфейса virtio-net сервера QEMU, позволяющая нарушителю вызвать утечку информации
CVE-2023-6693
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
CVE-2023-6693
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
CVE-2023-6693
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
CVE-2023-6693
CVE-2023-6693
A stack based buffer overflow was found in the virtio-net device of QE ...
GHSA-835p-c6x8-xh5f
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak.
SUSE-SU-2024:3229-1
Security update for qemu
RLSA-2025:4492
Moderate: qemu-kvm security update
ELSA-2025-4492
ELSA-2025-4492: qemu-kvm security update (MODERATE)
ELSA-2024-2962
ELSA-2024-2962: virt:ol and virt-devel:rhel security and enhancement update (MODERATE)
SUSE-SU-2024:1103-1
Security update for qemu
ELSA-2024-12407
ELSA-2024-12407: qemu-kvm security update (MODERATE)
ROS-20240625-04
Уязвимости qemu
ELSA-2024-12276
ELSA-2024-12276: virt:kvm_utils3 security update (MODERATE)
ELSA-2024-12605
ELSA-2024-12605: virt:kvm_utils2 security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-04886 Уязвимость интерфейса virtio-net сервера QEMU, позволяющая нарушителю вызвать утечку информации | CVSS3: 5.3 | 0% Низкий | почти 2 года назад |
 | CVE-2023-6693 A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. | CVSS3: 4.9 | 0% Низкий | почти 2 года назад |
 | CVE-2023-6693 A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. | CVSS3: 4.9 | 0% Низкий | почти 2 года назад |
 | CVE-2023-6693 A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. | CVSS3: 4.9 | 0% Низкий | почти 2 года назад |
 | CVSS3: 5.3 | 0% Низкий | 8 месяцев назад | |
| CVE-2023-6693 A stack based buffer overflow was found in the virtio-net device of QE ... | CVSS3: 4.9 | 0% Низкий | почти 2 года назад |
| GHSA-835p-c6x8-xh5f A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables allocated on the stack. Specifically, the `out_sg` variable could be used to read a part of process memory and send it to the wire, causing an information leak. | CVSS3: 4.9 | 0% Низкий | почти 2 года назад |
 | SUSE-SU-2024:3229-1 Security update for qemu | около 1 года назад | ||
 | RLSA-2025:4492 Moderate: qemu-kvm security update | 4 месяца назад | ||
| ELSA-2025-4492 ELSA-2025-4492: qemu-kvm security update (MODERATE) | 7 месяцев назад | ||
| ELSA-2024-2962 ELSA-2024-2962: virt:ol and virt-devel:rhel security and enhancement update (MODERATE) | больше 1 года назад | ||
| SUSE-SU-2024:1103-1 Security update for qemu | больше 1 года назад | ||
| ELSA-2024-12407 ELSA-2024-12407: qemu-kvm security update (MODERATE) | больше 1 года назад | ||
 | ROS-20240625-04 Уязвимости qemu | CVSS3: 6.5 | больше 1 года назад | |
| ELSA-2024-12276 ELSA-2024-12276: virt:kvm_utils3 security update (MODERATE) | больше 1 года назад | ||
| ELSA-2024-12605 ELSA-2024-12605: virt:kvm_utils2 security update (IMPORTANT) | около 1 года назад |
Уязвимостей на страницу