Количество 53
Количество 53
CVE-2021-4207
A flaw was found in the QXL display device emulation in QEMU. A double ...
ELSA-2022-9460
ELSA-2022-9460: kvm_utils security update (IMPORTANT)
GHSA-jr85-6g96-46pc
A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service.
ELSA-2022-9986
ELSA-2022-9986: kvm_utils security update (IMPORTANT)
ELSA-2022-9978
ELSA-2022-9978: qemu security update (IMPORTANT)
BDU:2022-03599
Уязвимость функции lsi_do_msgout эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании
GHSA-9p8r-v33g-4939
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process.
BDU:2022-03597
Уязвимость функции qxl_cursor() эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю выполнить произвольный код
SUSE-SU-2022:3795-1
Security update for qemu
SUSE-SU-2022:3660-1
Security update for qemu
SUSE-SU-2023:3015-1
Security update for qemu
SUSE-SU-2024:1395-1
Security update for qemu
SUSE-SU-2023:0840-1
Security update for qemu
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2021-4207 A flaw was found in the QXL display device emulation in QEMU. A double ... | CVSS3: 8.2 | 0% Низкий | около 3 лет назад |
| ELSA-2022-9460 ELSA-2022-9460: kvm_utils security update (IMPORTANT) | около 3 лет назад | ||
| GHSA-jr85-6g96-46pc A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service. | CVSS3: 4.4 | 0% Низкий | почти 3 года назад |
| ELSA-2022-9986 ELSA-2022-9986: kvm_utils security update (IMPORTANT) | больше 2 лет назад | ||
| ELSA-2022-9978 ELSA-2022-9978: qemu security update (IMPORTANT) | больше 2 лет назад | ||
 | BDU:2022-03599 Уязвимость функции lsi_do_msgout эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
| GHSA-9p8r-v33g-4939 A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. | CVSS3: 8.8 | 0% Низкий | около 3 лет назад |
| BDU:2022-03597 Уязвимость функции qxl_cursor() эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 0% Низкий | около 3 лет назад |
 | SUSE-SU-2022:3795-1 Security update for qemu | больше 2 лет назад | ||
| SUSE-SU-2022:3660-1 Security update for qemu | больше 2 лет назад | ||
| SUSE-SU-2023:3015-1 Security update for qemu | почти 2 года назад | ||
| SUSE-SU-2024:1395-1 Security update for qemu | около 1 года назад | ||
| SUSE-SU-2023:0840-1 Security update for qemu | больше 2 лет назад |
Уязвимостей на страницу