rpm package
suse/qemu&distro=SUSE Manager Proxy LTS 4.3
pkg:rpm/suse/qemu&distro=SUSE%20Manager%20Proxy%20LTS%204.3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-12464 | Med | 6.2 | < 6.2.0-150400.37.46.1 | 6.2.0-150400.37.46.1 | Oct 31, 2025 | A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loop | |
| CVE-2024-6505 | — | < 6.2.0-150400.37.46.1 | 6.2.0-150400.37.46.1 | Jul 5, 2024 | A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap ove | ||
| CVE-2023-1544 | — | < 6.2.0-150400.37.46.1 | 6.2.0-150400.37.46.1 | Mar 23, 2023 | A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds re |
- affected < 6.2.0-150400.37.46.1fixed 6.2.0-150400.37.46.1
A stack-based buffer overflow was found in the QEMU e1000 network device. The code for padding short frames was dropped from individual network devices and moved to the net core code. The issue stems from the device's receive code still being able to process a short frame in loop
- CVE-2024-6505Jul 5, 2024affected < 6.2.0-150400.37.46.1fixed 6.2.0-150400.37.46.1
A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap ove
- CVE-2023-1544Mar 23, 2023affected < 6.2.0-150400.37.46.1fixed 6.2.0-150400.37.46.1
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds re