Msrc Cm1 Qemu-Kvm 4.2.0-37 On Cbl Mariner 1.0 vulnerabilities
2 known vulnerabilities affecting msrc/cm1_qemu-kvm_4.2.0-37_on_cbl_mariner_1.0.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-3545MEDIUMCVSS 6.52021-06-08
CVE-2021-3545 [MEDIUM] CWE-908 An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in co
An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of unin
msrc
CVE-2020-35506MEDIUMCVSS 6.72021-05-11
CVE-2020-35506 [MEDIUM] CWE-416 A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw
A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the hos
msrc