qemu-kvm-device-display-virtio-vga-gl (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package qemu-kvm-device-display-virtio-vga-gl, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2021-3750 — CVSS 8.2 (high): A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its…
CVE-2022-26353 — CVSS 7.5 (high): A flaw was found in the virtio-net device of QEMU. This flaw was inadvertently introduced with the fix for CVE-2021-3748, which forgot to…
CVE-2021-3611 — CVSS 6.5 (medium): A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash…
CVE-2021-3507 — CVSS 6.1 (medium): A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler()…
CVE-2021-4158 — CVSS 6.0 (medium): A NULL pointer dereference issue was found in the ACPI code of QEMU. A malicious, privileged user within the guest could use this flaw to…
CVE-2022-26354 — CVSS 3.2 (low): A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing…