Количество 65
Количество 65
CVE-2021-3748
CVE-2021-3748
A use-after-free vulnerability was found in the virtio-net device of Q ...
ELSA-2022-9869
ELSA-2022-9869: qemu-kvm security update (IMPORTANT)
ELSA-2022-9862
ELSA-2022-9862: kvm_utils2 security update (IMPORTANT)
GHSA-4f87-mww8-gm8x
A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.
BDU:2022-00753
Уязвимость реализации функции virtio_net_receive_rcu (hw/net/virtio-net.c) эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании
openSUSE-SU-2021:3605-1
Security update for qemu
openSUSE-SU-2021:3604-1
Security update for qemu
openSUSE-SU-2021:1461-1
Security update for qemu
SUSE-SU-2021:3653-1
Security update for qemu
SUSE-SU-2021:3605-1
Security update for qemu
SUSE-SU-2021:3604-1
Security update for qemu
SUSE-SU-2021:3519-1
Security update for qemu
CVE-2022-0897
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
CVE-2022-0897
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
CVE-2022-0897
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
CVE-2022-0897
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjLis ...
CVE-2022-26354
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
CVE-2022-26354
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
CVE-2022-26354
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVSS3: 7.5 | 0% Низкий | почти 3 года назад | |
| CVE-2021-3748 A use-after-free vulnerability was found in the virtio-net device of Q ... | CVSS3: 7.5 | 0% Низкий | почти 4 года назад |
| ELSA-2022-9869 ELSA-2022-9869: qemu-kvm security update (IMPORTANT) | около 3 лет назад | ||
| ELSA-2022-9862 ELSA-2022-9862: kvm_utils2 security update (IMPORTANT) | около 3 лет назад | ||
| GHSA-4f87-mww8-gm8x A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process. | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
 | BDU:2022-00753 Уязвимость реализации функции virtio_net_receive_rcu (hw/net/virtio-net.c) эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю выполнить произвольный код или вызвать отказ в обслуживании | CVSS3: 7.5 | больше 4 лет назад | |
 | openSUSE-SU-2021:3605-1 Security update for qemu | около 4 лет назад | ||
| openSUSE-SU-2021:3604-1 Security update for qemu | около 4 лет назад | ||
| openSUSE-SU-2021:1461-1 Security update for qemu | около 4 лет назад | ||
| SUSE-SU-2021:3653-1 Security update for qemu | около 4 лет назад | ||
| SUSE-SU-2021:3605-1 Security update for qemu | около 4 лет назад | ||
| SUSE-SU-2021:3604-1 Security update for qemu | около 4 лет назад | ||
| SUSE-SU-2021:3519-1 Security update for qemu | около 4 лет назад | ||
 | CVE-2022-0897 A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
 | CVE-2022-0897 A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). | CVSS3: 5 | 0% Низкий | почти 4 года назад |
 | CVE-2022-0897 A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| CVE-2022-0897 A flaw was found in the libvirt nwfilter driver. The virNWFilterObjLis ... | CVSS3: 4.3 | 0% Низкий | почти 4 года назад |
| CVE-2022-26354 A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0. | CVSS3: 3.2 | 0% Низкий | почти 4 года назад |
| CVE-2022-26354 A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0. | CVSS3: 2.5 | 0% Низкий | почти 4 года назад |
| CVE-2022-26354 A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0. | CVSS3: 3.2 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу