apk package
wolfi/qemu-user-binfmt
pkg:apk/wolfi/qemu-user-binfmt
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-6505 | — | < 11.0.1-r0 | 11.0.1-r0 | Jul 5, 2024 | A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap ove | ||
| CVE-2023-2680 | — | < 0 | 0 | Sep 13, 2023 | This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750. | ||
| CVE-2018-18438 | — | < 0 | 0 | Oct 19, 2018 | Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value. |
- CVE-2024-6505Jul 5, 2024affected < 11.0.1-r0fixed 11.0.1-r0
A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap ove
- CVE-2023-2680Sep 13, 2023affected < 0fixed 0
This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm that was actually missing the fix for CVE-2021-3750.
- CVE-2018-18438Oct 19, 2018affected < 0fixed 0
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.