6.7 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Local (L)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): High (H)
- User Interaction (UI): None (N)
- Scope (S): Changed (C)
- Confidentiality (C): None (N)
- Integrity (I): Low (L)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Local (L)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): High (H)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): None (N)
- Modified Scope (MS): Changed (C)
- Modified Integrity (MI): Low (L)
- Modified Availability (MA): High (H)
by @LeSuisse
Activity log
- Created suggestion
- @LeSuisse ignored 16 packages
  - qemu
  - qemu_xen
  - qemu-user
  - qemu_full
  - qemu_test
  - qemu-utils
  - ubootQemuX86
  - ubootQemuX86_64
  - canokey-qemu
  - qemu-python-utils
  - armTrustedFirmwareQemu
  - python313Packages.qemu
  - python314Packages.qemu
  - python313Packages.qemu-qmp
  - python314Packages.qemu-qmp
  - ubootQemuAarch64
- @LeSuisse accepted
- @LeSuisse published on GitHub
Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling
A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an out-of-bounds write in the host heap memory and a potential denial of service (DoS) for the QEMU process.
Affected products
- =<11.0.1
Matching in nixpkgs
Ignored packages (16)
pkgs.qemu
Generic and open source machine emulator and virtualizer
pkgs.qemu_xen
Generic and open source machine emulator and virtualizer
pkgs.qemu-user
QEMU User space emulator - launch executables compiled for one CPU on another CPU
pkgs.qemu_full
Generic and open source machine emulator and virtualizer
pkgs.qemu_test
Generic and open source machine emulator and virtualizer
pkgs.qemu-utils
Generic and open source machine emulator and virtualizer
pkgs.canokey-qemu
CanoKey QEMU Virtual Card
- nixos-unstable 0-unstable-2026-03-24
- nixpkgs-unstable 0-unstable-2026-03-24
- nixos-unstable-small 0-unstable-2026-03-24
- nixos-26.05 0-unstable-2026-03-24
- nixos-26.05-small 0-unstable-2026-03-24
- nixpkgs-26.05-darwin 0-unstable-2026-03-24
pkgs.ubootQemuX86
Boot loader for embedded systems
pkgs.ubootQemuX86_64
Boot loader for embedded systems
pkgs.ubootQemuAarch64
Boot loader for embedded systems
pkgs.qemu-python-utils
Python tooling used by the QEMU project to build, configure, and test QEMU
pkgs.armTrustedFirmwareQemu
Reference implementation of secure world software for ARMv8-A
pkgs.python313Packages.qemu
Python tooling used by the QEMU project to build, configure, and test QEMU
pkgs.python314Packages.qemu
Python tooling used by the QEMU project to build, configure, and test QEMU
pkgs.python313Packages.qemu-qmp
Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers
Package maintainers
- @alyssais Alyssa Ross <hi@alyssa.is>