Suggestions search

All statuses

Filter by:

With package: python312Packages.qemu-qmp

Found 35 matching suggestions

View:

Compact

Detailed

Untriaged

Permalink CVE-2024-7409

created 6 months, 1 week ago

Qemu: denial of service via improper synchronization in qemu nbd server during socket closure

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.

References

https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
https://lists.debian.org/debian-lts-announce/2025/09/msg00011.html
RHSA-2024:6964 vendor-advisory x_refsource_REDHAT
RHSA-2024:7408 vendor-advisory x_refsource_REDHAT
RHSA-2024:8991 vendor-advisory x_refsource_REDHAT
RHSA-2024:9136 vendor-advisory x_refsource_REDHAT
RHSA-2024:9620 vendor-advisory x_refsource_REDHAT
RHSA-2024:9912 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 x_refsource_REDHAT vdb-entry
RHBZ#2302487 issue-tracking x_refsource_REDHAT
RHSA-2024:10518 vendor-advisory x_refsource_REDHAT
RHSA-2024:10528 vendor-advisory x_refsource_REDHAT
RHSA-2024:10813 vendor-advisory x_refsource_REDHAT
RHSA-2024:6811 vendor-advisory x_refsource_REDHAT
RHSA-2024:6818 vendor-advisory x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250502-0008/
https://lists.debian.org/debian-lts-announce/2025/09/msg00011.html

Affected products

qemu

==7.2.0
==9.0.0
==8.2.0

rhcos

qemu-kvm

virt:rhel

qemu-kvm-ma

virt-devel:rhel

virt:av/qemu-kvm

virt:8.2/qemu-kvm

virt:rhel/qemu-kvm

virt-devel:av/qemu-kvm

virt-devel:8.2/qemu-kvm

virt-devel:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2024-7730

7.4 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months, 1 week ago

Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb()

A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-bounds write if the size of the virtio queue element is equal to virtio_snd_pcm_status, which makes the available space for audio data zero.

References

https://access.redhat.com/security/cve/CVE-2024-7730 x_refsource_REDHAT vdb-entry
RHBZ#2304289 issue-tracking x_refsource_REDHAT

Affected products

qemu

<9.1.0

qemu-kvm

qemu-kvm-ma

virt:av/qemu-kvm

virt:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2024-3447

6.0 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months, 1 week ago

Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition.

References

RHBZ#2274123 issue-tracking x_refsource_REDHAT
https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org/
https://access.redhat.com/security/cve/CVE-2024-3447 x_refsource_REDHAT vdb-entry
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58813
https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org/
https://access.redhat.com/security/cve/CVE-2024-3447 x_refsource_REDHAT vdb-entry
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58813
RHBZ#2274123 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20250425-0005/
RHBZ#2274123 issue-tracking x_refsource_REDHAT
https://patchew.org/QEMU/20240404085549.16987-1-philmd@linaro.org/
https://access.redhat.com/security/cve/CVE-2024-3447 x_refsource_REDHAT vdb-entry
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58813
https://security.netapp.com/advisory/ntap-20250425-0005/
https://lists.debian.org/debian-lts-announce/2025/04/msg00042.html

Affected products

qemu

<9.0.0

qemu-kvm

qemu-kvm-ma

virt:av/qemu-kvm

virt:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2024-4467

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months, 1 week ago

Qemu: 'qemu-img info' leads to host file read/write

A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.

References

RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/07/23/2
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/07/23/2
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/07/23/2
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT
RHSA-2024:4276 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4277 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4278 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4372 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4373 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4374 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4420 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4724 vendor-advisory x_refsource_REDHAT x_transferred
RHSA-2024:4727 vendor-advisory x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4467 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2278875 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/07/23/2 x_transferred
https://security.netapp.com/advisory/ntap-20240822-0005/

Affected products

qemu

<9.1.0

virt:av

qemu-kvm

virt:8.2

virt:rhel

qemu-kvm-ma

virt-devel:av

virt-devel:rhel

virt:av/qemu-kvm

virt:rhel/qemu-kvm

container-native-virtualization/virt-cdi-operator-rhel9

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2024-4693

5.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months, 1 week ago

Qemu: virtio-pci: improper release of configure vector leads to guest triggerable crash

A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci.c). An improper release and use of the irqfd for vector 0 during the boot process leads to a guest triggerable crash via vhost_net_stop(). This flaw allows a malicious guest to crash the QEMU process on the host.

References

https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20240828-0007/
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/
https://access.redhat.com/security/cve/CVE-2024-4693 x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4693 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2279965 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240828-0007/

Affected products

qemu

qemu-kvm

qemu-kvm-ma

virt:av/qemu-kvm

virt:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2024-8612

3.8 LOW

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 6 months, 1 week ago

Qemu-kvm: information leak in virtio devices

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak.

References

https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241108-0006/
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241108-0006/
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241108-0006/
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241108-0006/
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
https://security.netapp.com/advisory/ntap-20241108-0006/
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241108-0006/
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241108-0006/
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241108-0006/
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://gitlab.com/qemu-project/qemu/-/commit/637b0aa139565cb82a7b9269e62214f87…
https://security.netapp.com/advisory/ntap-20241108-0006/
https://gitlab.com/qemu-project/qemu/-/commit/637b0aa139565cb82a7b9269e62214f87…
https://access.redhat.com/security/cve/CVE-2024-8612 x_refsource_REDHAT vdb-entry
RHBZ#2313760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241108-0006/

Affected products

qemu

qemu-kvm

qemu-kvm-ma

virt:av/qemu-kvm

virt:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2024-6505

6.0 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months, 1 week ago

Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss

A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host.

References

https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/
https://access.redhat.com/security/cve/CVE-2024-6505 x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6505 x_transferred x_refsource_REDHAT vdb-entry
RHBZ#2295760 issue-tracking x_refsource_REDHAT x_transferred
https://security.netapp.com/advisory/ntap-20240816-0006/

Affected products

qemu

<9.1.0

qemu-kvm

qemu-kvm-ma

virt:av/qemu-kvm

virt:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2024-8354

4.7 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months, 1 week ago

Qemu-kvm: usb: assertion failure in usb_ep_get()

A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.

References

RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/
https://access.redhat.com/security/cve/CVE-2024-8354 x_refsource_REDHAT vdb-entry
RHBZ#2313497 issue-tracking x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20241011-0008/

Affected products

qemu

qemu-kvm

qemu-kvm-ma

virt:av/qemu-kvm

virt:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2024-6519

8.2 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 6 months, 1 week ago

Qemu: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability

A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.

References

https://access.redhat.com/security/cve/CVE-2024-6519 x_refsource_REDHAT vdb-entry
RHBZ#2292089 issue-tracking x_refsource_REDHAT
https://www.zerodayinitiative.com/advisories/ZDI-24-1382/

Affected products

qemu

qemu-kvm

qemu-kvm-ma

virt:av/qemu-kvm

virt:rhel/qemu-kvm

Matching in nixpkgs

pkgs.qemu

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_kvm

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_xen

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-user

QEMU User space emulator - launch executables compiled for one CPU on another CPU

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_full

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu_test

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.qemu-utils

Generic and open source machine emulator and virtualizer

nixos-unstable -
- nixpkgs-unstable 10.1.0

pkgs.canokey-qemu

CanoKey QEMU Virt Card

nixos-unstable -
- nixpkgs-unstable 0-unstable-2023-06-06

pkgs.ubootQemuX86

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_defconfig-2025.07

pkgs.ubootQemuX86_64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable x86_64_defconfig-2025.07

pkgs.ubootQemuAarch64

Boot loader for embedded systems

nixos-unstable -
- nixpkgs-unstable qemu_arm64_defconfig-2025.07

pkgs.qemu-python-utils

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.armTrustedFirmwareQemu

Reference implementation of secure world software for ARMv8-A

nixos-unstable -
- nixpkgs-unstable 2.13.0

pkgs.python312Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python313Packages.qemu

Python tooling used by the QEMU project to build, configure, and test QEMU

nixos-unstable -
- nixpkgs-unstable 0.6.1.0a1

pkgs.python312Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

pkgs.python313Packages.qemu-qmp

Asyncio library for communicating with QEMU Monitor Protocol (“QMP”) servers

nixos-unstable -
- nixpkgs-unstable 0.0.3

Package maintainers

@lopsided98 Ben Wolsieffer <benwolsieffer@gmail.com>
@oxalica oxalica <oxalicc@pm.me>
@devplayer0 Jack O'Sullivan <dev@nul.ie>
@DavHau David Hauer <d.hauer.it@gmail.com>
@brianmcgillion Brian McGillion <bmg.avoin@gmail.com>
@alyssais Alyssa Ross <hi@alyssa.is>
@hehongbo Hongbo
@digitalrane Rane <rane+git@junkyard.systems>
@SigmaSquadron Fernando Rodrigues <alpha@sigmasquadron.net>
@CertainLach Yaroslav Bolyukin <iam@lach.pw>
@dezgeg Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>

Untriaged

Permalink CVE-2023-3301

5.6 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): CHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months, 1 week ago

Triggerable assertion due to race condition in hot-unplug

A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.