Page 12 of 391 results (0.015 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service. En QEMU versión 4.1.0, se encontró un fallo de lectura fuera de límites en la implementación VGA de ATI. Ocurre en la rutina ati_cursor_define() mientras maneja las operaciones de escritura MMIO mediante la devolución de llamada de ati_mm_write(). • https://bugzilla.redhat.com/show_bug.cgi?id=1841136 https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=aab0e2a661b2b6bf7915c0aefe807fb60d6d9d13 https://security.netapp.com/advisory/ntap-20210205-0003 • CWE-125: Out-of-bounds Read •

CVSS: 3.8EPSS: 0%CPEs: 1EXPL: 0

iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. La función iscsi_aio_ioctl_cb en el archivo block/iscsi.c en QEMU 4.1.0, presenta una lectura excesiva del búfer en la región heap de la memoria que puede revelar información no relacionada de la memoria del proceso a un atacante. A heap buffer overflow flaw was found in the iSCSI support of QEMU. This flaw could lead to an out-of-bounds read access and possible information disclosure from the QEMU process memory to a malicious guest. The highest threat from this vulnerability is to data confidentiality. • http://www.openwall.com/lists/oss-security/2021/01/13/4 https://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ff0507c239a246fd7215b31c5658fc6a3ee1e4c5 https://security.netapp.com/advisory/ntap-20210212-0001 https://access.redhat.com/security/cve/CVE-2020-11947 https://bugzilla.redhat.com/show_bug.cgi?id=1912765 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •

CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0

A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0. Se encontró uno fallo en la API de administración de memoria de QEMU durante la inicialización de una caché de región de memoria. • http://www.openwall.com/lists/oss-security/2020/12/16/6 https://bugzilla.redhat.com/show_bug.cgi?id=1902651 https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://security.netapp.com/advisory/ntap-20210115-0006 https://access.redhat.com/security/cve/CVE-2020-27821 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1

hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. El archivo hw/net/e1000e_core.c en QEMU versión 5.0.0, presenta un bucle infinito por medio de un descriptor RX con una dirección de búfer NULL An infinite loop flaw was found in the e1000e device emulator in QEMU. This issue could occur while receiving packets via the e1000e_write_packet_to_guest() routine, if the receive(RX) descriptor has a NULL buffer address. This flaw allows a privileged guest user to cause a denial of service. The highest threat from this vulnerability is to system availability. • http://www.openwall.com/lists/oss-security/2020/12/01/2 https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03185.html https://access.redhat.com/security/cve/CVE-2020-28916 https://bugzilla.redhat.com/show_bug.cgi?id=1903064 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 3.2EPSS: 0%CPEs: 2EXPL: 0

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on the host, resulting in a denial of service. Se encontró un problema de aserción alcanzable en el código de emulación USB EHCI de QEMU. Podría ocurrir mientras se procesan las peticiones USB debido a una falta de manejo del fallo del mapa de memoria DMA. • http://www.openwall.com/lists/oss-security/2020/12/22/1 https://bugzilla.redhat.com/show_bug.cgi?id=1898579 https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://security.netapp.com/advisory/ntap-20201218-0004 https://access.redhat.com/security/cve/CVE-2020-25723 • CWE-617: Reachable Assertion •