rpm package
almalinux/libguestfs-rescue
pkg:rpm/almalinux/libguestfs-rescue
Vulnerabilities (63)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3592 | — | < 1:1.40.2-28.module_el8.5.0+2608+72063365.alma | 1:1.40.2-28.module_el8.5.0+2608+72063365.alma | Jun 15, 2021 | An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this | ||
| CVE-2021-20196 | — | < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma | 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma | May 26, 2021 | A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on | ||
| CVE-2020-15859 | — | < 1:1.40.2-28.module_el8.5.0+2608+72063365.alma | 1:1.40.2-28.module_el8.5.0+2608+72063365.alma | Jul 21, 2020 | QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address. |
- CVE-2021-3592Jun 15, 2021affected < 1:1.40.2-28.module_el8.5.0+2608+72063365.almafixed 1:1.40.2-28.module_el8.5.0+2608+72063365.alma
An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this
- CVE-2021-20196May 26, 2021affected < 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.almafixed 1:1.44.0-5.module_el8.6.0+2880+7d9e3703.alma
A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on
- CVE-2020-15859Jul 21, 2020affected < 1:1.40.2-28.module_el8.5.0+2608+72063365.almafixed 1:1.40.2-28.module_el8.5.0+2608+72063365.alma
QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.
Page 4 of 4