Filtered by vendor Redhat
Subscriptions
Filtered by product Advanced Virtualization
Subscriptions
Total
107 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-12127 | 3 Fedoraproject, Intel, Redhat | 13 Fedora, Microarchitectural Load Port Data Sampling, Microarchitectural Load Port Data Sampling Firmware and 10 more | 2024-11-21 | N/A |
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf | ||||
CVE-2018-12126 | 3 Fedoraproject, Intel, Redhat | 13 Fedora, Microarchitectural Store Buffer Data Sampling, Microarchitectural Store Buffer Data Sampling Firmware and 10 more | 2024-11-21 | N/A |
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf | ||||
CVE-2024-7383 | 1 Redhat | 2 Advanced Virtualization, Enterprise Linux | 2024-11-15 | 7.4 High |
A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic. | ||||
CVE-2024-3447 | 1 Redhat | 2 Advanced Virtualization, Enterprise Linux | 2024-11-15 | 6 Medium |
A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. | ||||
CVE-2024-7730 | 1 Redhat | 2 Advanced Virtualization, Enterprise Linux | 2024-11-15 | 7.4 High |
A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element is equal to virtio_snd_pcm_status, which makes the available space for audio data zero. | ||||
CVE-2024-6519 | 1 Redhat | 2 Advanced Virtualization, Enterprise Linux | 2024-10-21 | 8.2 High |
A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape. | ||||
CVE-2020-25707 | 1 Redhat | 2 Advanced Virtualization, Enterprise Linux | 2023-11-07 | 2.5 Low |
DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-2891 |