Kevin Wolf

#12540de 53,635
21.7CVSS total
Vulnerabilidades · 3
Média
1
Alta
2
PT-2026-29035
6.7
2026-03-30
Unknown · Virtio-Win · CVE-2026-5164
**Name of the Vulnerable Software and Affected Versions** virtio-win (affected versions not specified) **Description** A flaw exists in virtio-win where the `RhelDoUnMap()` function inadequately validates the number of descriptors supplied by a user during an unmap request. A local user could exploit this input validation issue by providing an excessive number of descriptors, potentially causing a buffer overrun. This could lead to a system crash and a Denial of Service (DoS). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2015-1967
7.2
2015-07-17
Qemu · Qemu · CVE-2015-5154
**Name of the Vulnerable Software and Affected Versions** QEMU versions prior to the version that includes the fix for this issue Xen versions 4.5.x and earlier **Description** The issue is related to a heap-based buffer overflow in the IDE subsystem of QEMU, which is used in Xen. This overflow can occur when the container has a CDROM drive enabled, allowing local guest users to execute arbitrary code on the host via unspecified ATAPI commands. The vulnerability can be exploited by a local attacker to gain control over the host system. **Recommendations** For Xen versions 4.5.x and earlier, update to a version that includes the fix for this issue. For QEMU, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling the CDROM drive in the container to minimize the risk of exploitation.
PT-2014-3500
7.8
2014-03-26
Qemu · Qemu · CVE-2014-0145
**Name of the Vulnerable Software and Affected Versions** QEMU versions prior to 1.7.2 QEMU versions 2.x prior to 2.0.0 **Description** The issue is related to multiple buffer overflows, allowing local users to cause a denial of service (crash) or possibly execute arbitrary code. This can be achieved via a large L1 table in the `qcow2 snapshot load tmp` function in the QCOW 2 block driver, or through an uncompressed chunk, chunk length, or number of sectors in the DMG block driver. **Recommendations** For QEMU versions prior to 1.7.2, update to version 1.7.2 or later to resolve the issue. For QEMU versions 2.x prior to 2.0.0, update to version 2.0.0 or later to resolve the issue.