Page 15 of 399 results (0.003 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. La función eth_get_gso_type en el archivo net/eth.c en QEMU versión 4.2.1, permite a usuarios de OS invitados desencadenar un error de aserción. Un invitado puede bloquear el proceso de QEMU por medio de paquetes de datos que carecen de un protocolo de Capa 3 válido An assert(3) failure flaw was found in the networking helper functions of QEMU. This vulnerability can occur in the eth_get_gso_type() routine if a packet does not have a valid networking L3 protocol (ex. • http://www.openwall.com/lists/oss-security/2020/11/02/1 https://lists.debian.org/debian-lts-announce/2020/11/msg00047.html https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg05731.html https://security.netapp.com/advisory/ntap-20201202-0002 https://access.redhat.com/security/cve/CVE-2020-27617 https://bugzilla.redhat.com/show_bug.cgi?id=1891668 • CWE-617: Reachable Assertion •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process. La función ati_2d_blt en el archivo hw/display/ati_2d.c en QEMU versión 4.2.1, puede encontrar una situación fuera de límites en un cálculo. Un invitado puede bloquear el proceso QEMU • http://www.openwall.com/lists/oss-security/2020/11/03/2 https://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg05018.html https://security.netapp.com/advisory/ntap-20201202-0002 • CWE-682: Incorrect Calculation •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service. Se detectó un problema en QEMU versiones hasta 5.1.0. • https://bugzilla.redhat.com/show_bug.cgi?id=1847584 https://git.qemu.org/?p=qemu.git https://security.netapp.com/advisory/ntap-20201123-0003 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 3.2EPSS: 0%CPEs: 1EXPL: 0

pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer. La función pci_change_irq_level en el archivo hw/pci/pci.c en QEMU versiones anteriores a 5.1.1, presenta una desreferencia de puntero NULL porque la función pci_get_bus() podría no devolver un puntero válido • http://www.openwall.com/lists/oss-security/2020/09/29/1 https://bugzilla.redhat.com/show_bug.cgi?id=1883178 https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05294.html https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Flsi_nullptr1 • CWE-476: NULL Pointer Dereference •

CVSS: 3.2EPSS: 0%CPEs: 5EXPL: 0

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. El archivo hw/ide/pci.c en QEMU versiones anteriores a 5.1.1, puede desencadenar una desreferencia del puntero NULL porque carece de una comprobación de puntero antes de una llamada de ide_cancel_dma_sync • http://www.openwall.com/lists/oss-security/2020/09/29/1 https://bugzilla.redhat.com/show_bug.cgi?id=1881409 https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05967.html https://ruhr-uni-bochum.sciebo.de/s/NNWP2GfwzYKeKwE?path=%2Fide_nullptr1b • CWE-476: NULL Pointer Dereference •