Nixpkgs Security Tracker

Suggestions search

With package: qemu_xen

Found 4 matching suggestions

updated 1 month, 1 week ago by @LeSuisse
Activity log
  • Created automatic suggestion
  • @pyrox0 removed
    11 packages
    • ubootQemuX86
    • ubootQemuX86_64
    • ubootQemuAarch64
    • qemu-python-utils
    • armTrustedFirmwareQemu
    • python312Packages.qemu
    • python313Packages.qemu
    • python314Packages.qemu
    • python312Packages.qemu-qmp
    • python313Packages.qemu-qmp
    • python314Packages.qemu-qmp
  • @LeSuisse removed package canokey-qemu
  • @LeSuisse dismissed
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU …

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.

References

Affected products

QEMU
  • ==before 2.4.0

Matching in nixpkgs

Ignored packages (12)

Package maintainers

Old issue, current stable was never impacted
updated 1 month, 1 week ago by @LeSuisse
Activity log
  • Created automatic suggestion
  • @LeSuisse removed
    14 packages
    • qemu_test
    • qemu-utils
    • canokey-qemu
    • ubootQemuX86
    • ubootQemuX86_64
    • ubootQemuAarch64
    • qemu-python-utils
    • armTrustedFirmwareQemu
    • python312Packages.qemu
    • python313Packages.qemu
    • python314Packages.qemu
    • python312Packages.qemu-qmp
    • python313Packages.qemu-qmp
    • python314Packages.qemu-qmp
  • @LeSuisse dismissed
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows …

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

References

Affected products

QEMU
  • ==before 2.4.0.1

Matching in nixpkgs

Ignored packages (14)

Package maintainers

Old issue, current stable was never impacted
Permalink CVE-2025-58150
8.8 HIGH
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): LOW
  • Privileges required (PR): LOW
  • User interaction (UI): NONE
  • Scope (S): CHANGED
  • Confidentiality impact (C): HIGH
  • Integrity impact (I): HIGH
  • Availability impact (A): HIGH
updated 1 month, 4 weeks ago by @SigmaSquadron
Activity log
  • Created automatic suggestion
  • @SigmaSquadron dismissed
x86: buffer overrun with shadow paging + tracing

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing.

Affected products

Xen
  • ==consult Xen advisory XSA-477

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

Package maintainers

Already fixed.
Permalink CVE-2026-23553
2.9 LOW
  • CVSS version: 3.1
  • Attack vector (AV): LOCAL
  • Attack complexity (AC): HIGH
  • Privileges required (PR): NONE
  • User interaction (UI): NONE
  • Scope (S): UNCHANGED
  • Confidentiality impact (C): LOW
  • Integrity impact (I): NONE
  • Availability impact (A): NONE
updated 1 month, 4 weeks ago by @SigmaSquadron
Activity log
  • Created automatic suggestion
  • @SigmaSquadron dismissed
x86: incomplete IBPB for vCPU isolation

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider:

1) vCPU runs on CPU A, running task 1.
2) vCPU moves to CPU B, idle gets scheduled on A. Xen skips IBPB.
3) On CPU B, guest kernel switches from task 1 to 2, issuing IBPB.
4) vCPU moves back to CPU A. Xen skips IBPB again.

Now, task 2 is running on CPU A with task 1's training still in the BTB.

Affected products

Xen
  • ==consult Xen advisory XSA-479

Matching in nixpkgs

pkgs.xen

Type-1 hypervisor intended for embedded and hyperscale use cases

pkgs.xenomapper

Utility for post processing mapped reads that have been aligned to a primary genome and a secondary genome and binning reads into species specific, multimapping in each species, unmapped and unassigned bins

pkgs.nxengine-evo

Complete open-source clone/rewrite of the masterpiece jump-and-run platformer Doukutsu Monogatari (also known as Cave Story)

pkgs.grub2_pvgrub_image

PvGrub2 image for booting PV Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

pkgs.grub2_pvhgrub_image

PvGrub2 image for booting PVH Xen guests

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small

Package maintainers

Already fixed.