Download
| Alert*
|
oval:org.secpod.oval:def:1701551
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ oval:org.secpod.oval:def:89051240 This update for qemu fixes the following issues: * CVE-2021-3638: hw/display/ati_2d: Fix buffer overflow in ati_2d_blt * CVE-2023-3180: virtio-crypto: verify src and dst buffer length for sym request * CVE-2023-3354: io: remove io watch if TLS channel is closed during handshake * [openSUSE] roms/ ... oval:org.secpod.oval:def:89050951 This update for qemu fixes the following issues: * CVE-2023-3180: Fixed a buffer overflow in the virtio-crypto device . * CVE-2021-3750: Fixed a DMA reentrancy in the USB EHCI device that could lead to use-after-free . * CVE-2021-3638: Fixed a buffer overflow in the ati-vga device . * CVE-2023-3354: ... oval:org.secpod.oval:def:3301632 Security update for qemu oval:org.secpod.oval:def:89049321 This update for qemu fixes the following issues: * CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. * CVE-2023-3354: Fixed a remote unauthenticated DoS due to an improper I/O watch removal in VNC TLS handshake. * CVE-2023-3180: Fixed a heap buffer overflow in virtio_crypto_sym_ ... oval:org.secpod.oval:def:3301702 Security update for qemu oval:org.secpod.oval:def:89049568 This update for qemu fixes the following issues: * CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. * CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. * CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. * CVE-2020-13754: Fixed ... oval:org.secpod.oval:def:89049413 This update for qemu fixes the following issues: * CVE-2022-26354: Fixed a memory leak due to a missing virtqueue detach on error. * CVE-2021-3929: Fixed an use-after-free in nvme DMA reentrancy issue. * CVE-2023-0330: Fixed a stack overflow due to a DMA reentrancy issue. * CVE-2020-13754: Fixed ... oval:org.secpod.oval:def:89051798 This update for qemu fixes the following issues: * CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free * CVE-2022-0216: Fixed use-after-free in lsi_do_msgout function in hw/scsi/lsi53c895a.c * CVE-2023-0330: Fixed DMA reentrancy issue that could lead to stack overflow * CV ... oval:org.secpod.oval:def:98757 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:98758 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:98209 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:98210 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:98212 qemu: Machine emulator and virtualizer Several security issues were fixed in QEMU. oval:org.secpod.oval:def:126064 qemu is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu acts as a virtual machine monitor together with the KVM kernel modules, and emulates the hardware for a full system such as a PC and its associated peripherals. |
