Page 7 of 92 results (0.009 seconds)

CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process. Se ha encontrado una vulnerabilidad de escritura fuera de límites en el dispositivo GPU virtio vhost-user (vhost-user-gpu) de QEMU en las versiones hasta la 6.0 inclusive. El fallo se produce al procesar el comando 'VIRTIO_GPU_CMD_GET_CAPSET' del huésped. • http://www.openwall.com/lists/oss-security/2021/05/31/1 https://bugzilla.redhat.com/show_bug.cgi?id=1958978 https://security.gentoo.org/glsa/202208-27 https://security.netapp.com/advisory/ntap-20210720-0008 https://www.debian.org/security/2021/dsa-4980 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host. Se ha encontrado una vulnerabilidad de divulgación de información en el dispositivo GPU virtio vhost-user (vhost-user-gpu) de QEMU en las versiones hasta 6.0 incluyéndola. El fallo se presenta en la función virgl_cmd_get_capset_info() en el archivo contrib/vhost-user-gpu/virgl.c y podría ocurrir debido a una lectura de memoria no inicializada. • http://www.openwall.com/lists/oss-security/2021/05/31/1 https://bugzilla.redhat.com/show_bug.cgi?id=1958955 https://security.gentoo.org/glsa/202208-27 https://security.netapp.com/advisory/ntap-20210720-0008 https://www.debian.org/security/2021/dsa-4980 • CWE-908: Use of Uninitialized Resource •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime. Se han encontrado varias pérdidas de memoria en el dispositivo virtio vhost-user GPU (vhost-user-gpu) de QEMU en las versiones hasta la 6.0 incluyéndola. Se presentan en los archivos contrib/vhost-user-gpu/vhost-user-gpu.c y contrib/vhost-user-gpu/virgl.c debido a la liberación inapropiada de la memoria (es decir, libre) después del tiempo de vida efectivo • http://www.openwall.com/lists/oss-security/2021/05/31/1 https://bugzilla.redhat.com/show_bug.cgi?id=1958935 https://security.gentoo.org/glsa/202208-27 https://security.netapp.com/advisory/ntap-20210720-0008 https://www.debian.org/security/2021/dsa-4980 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0

A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. This issue occurs in the megasas_command_cancelled() callback function while dropping a SCSI request. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo de desreferencia del puntero NULL en la emulación megasas-gen2 SCSI host bus adapter de QEMU en versiones anteriores a 6.0 incluyéndola. • https://bugzilla.redhat.com/show_bug.cgi?id=1910346 https://security.netapp.com/advisory/ntap-20210720-0008 • CWE-476: NULL Pointer Dereference •

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service or potential code execution with the privileges of the QEMU process. Se encontró una vulnerabilidad de uso de memoria previamente liberada en la emulación del adaptador bus de host SCSI am53c974 de QEMU en versiones anteriores a 6.0.0, durante el manejo del comando "Information Transfer" (CMD_TI). Este fallo permite a un usuario invitado privilegiado bloquear el proceso QEMU en el host, resultando en una denegación de servicio o una posible ejecución de código con los privilegios del proceso QEMU • http://www.openwall.com/lists/oss-security/2021/04/16/3 https://bugzilla.redhat.com/show_bug.cgi?id=1909996 https://security.gentoo.org/glsa/202208-27 https://security.netapp.com/advisory/ntap-20210713-0006 https://www.openwall.com/lists/oss-security/2021/04/16/3 • CWE-416: Use After Free •