VYPR

rpm package

suse/qemu&distro=SUSE Linux Enterprise Real Time 15 SP3

pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3

Vulnerabilities (6)

  • CVE-2022-4144Nov 29, 2022
    affected < 5.2.0-150300.121.2fixed 5.2.0-150300.121.2

    An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious gue

  • CVE-2022-0216Aug 26, 2022
    affected < 5.2.0-150300.121.2fixed 5.2.0-150300.121.2

    A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest

  • CVE-2021-3929Aug 25, 2022
    affected < 5.2.0-150300.121.2fixed 5.2.0-150300.121.2

    A DMA reentrancy issue was found in the NVM Express Controller (NVME) emulation in QEMU. This CVE is similar to CVE-2021-3750 and, just like it, when the reentrancy write triggers the reset function nvme_ctrl_reset(), data structs will be freed leading to a use-after-free issue.

  • CVE-2020-14394Aug 17, 2022
    affected < 5.2.0-150300.121.2fixed 5.2.0-150300.121.2

    An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.

  • CVE-2022-1050Mar 29, 2022
    affected < 5.2.0-150300.121.2fixed 5.2.0-150300.121.2

    A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.

  • CVE-2021-3507May 6, 2021
    affected < 5.2.0-150300.121.2fixed 5.2.0-150300.121.2

    A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this f