rpm package
opensuse/qemu&distro=openSUSE Leap Micro 5.2
pkg:rpm/opensuse/qemu&distro=openSUSE%20Leap%20Micro%205.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0216 | — | < 5.2.0-150300.118.3 | 5.2.0-150300.118.3 | Aug 26, 2022 | A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest | ||
| CVE-2022-35414 | — | < 5.2.0-150300.118.3 | 5.2.0-150300.118.3 | Jul 11, 2022 | softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-v |
- CVE-2022-0216Aug 26, 2022affected < 5.2.0-150300.118.3fixed 5.2.0-150300.118.3
A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest
- CVE-2022-35414Jul 11, 2022affected < 5.2.0-150300.118.3fixed 5.2.0-150300.118.3
softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. NOTE: a third party states that the Non-virtualization Use Case in the qemu.org reference applies here, i.e., "Bugs affecting the non-v