vulnerability
Rocky Linux: CVE-2024-26327: qemu-kvm (RLSA-2024-9136)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:A/AC:H/Au:N/C:N/I:N/A:C) | Feb 19, 2024 | Mar 18, 2025 | Mar 18, 2025 |
Severity
5
CVSS
(AV:A/AC:H/Au:N/C:N/I:N/A:C)
Published
Feb 19, 2024
Added
Mar 18, 2025
Modified
Mar 18, 2025
Description
An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations.
Solution(s)
rocky-upgrade-qemu-guest-agentrocky-upgrade-qemu-guest-agent-debuginforocky-upgrade-qemu-imgrocky-upgrade-qemu-img-debuginforocky-upgrade-qemu-kvmrocky-upgrade-qemu-kvm-audio-parocky-upgrade-qemu-kvm-audio-pa-debuginforocky-upgrade-qemu-kvm-block-blkiorocky-upgrade-qemu-kvm-block-blkio-debuginforocky-upgrade-qemu-kvm-block-curlrocky-upgrade-qemu-kvm-block-curl-debuginforocky-upgrade-qemu-kvm-block-rbdrocky-upgrade-qemu-kvm-block-rbd-debuginforocky-upgrade-qemu-kvm-commonrocky-upgrade-qemu-kvm-common-debuginforocky-upgrade-qemu-kvm-corerocky-upgrade-qemu-kvm-core-debuginforocky-upgrade-qemu-kvm-debuginforocky-upgrade-qemu-kvm-debugsourcerocky-upgrade-qemu-kvm-device-display-virtio-gpurocky-upgrade-qemu-kvm-device-display-virtio-gpu-ccwrocky-upgrade-qemu-kvm-device-display-virtio-gpu-ccw-debuginforocky-upgrade-qemu-kvm-device-display-virtio-gpu-debuginforocky-upgrade-qemu-kvm-device-display-virtio-gpu-pcirocky-upgrade-qemu-kvm-device-display-virtio-gpu-pci-debuginforocky-upgrade-qemu-kvm-device-display-virtio-vgarocky-upgrade-qemu-kvm-device-display-virtio-vga-debuginforocky-upgrade-qemu-kvm-device-usb-hostrocky-upgrade-qemu-kvm-device-usb-host-debuginforocky-upgrade-qemu-kvm-device-usb-redirectrocky-upgrade-qemu-kvm-device-usb-redirect-debuginforocky-upgrade-qemu-kvm-docsrocky-upgrade-qemu-kvm-toolsrocky-upgrade-qemu-kvm-tools-debuginforocky-upgrade-qemu-kvm-ui-egl-headlessrocky-upgrade-qemu-kvm-ui-egl-headless-debuginforocky-upgrade-qemu-kvm-ui-openglrocky-upgrade-qemu-kvm-ui-opengl-debuginforocky-upgrade-qemu-pr-helperrocky-upgrade-qemu-pr-helper-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.