14 lines
1.4 KiB
JSON
14 lines
1.4 KiB
JSON
{
|
|
"id": "openEuler-SA-2022-2024",
|
|
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-2024",
|
|
"title": "An update for qemu is now available for openEuler-22.03-LTS",
|
|
"severity": "Medium",
|
|
"description": "QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed.\n\n\tQEMU has two operating modes:\n\n\t\tFull system emulation. In this mode, QEMU emulates a full system (for example a PC),\n\t\tincluding one or several processors and various peripherals. It can be used to launch\n\t\tdifferent Operating Systems without rebooting the PC or to debug system code.\n\n\t\tUser mode emulation. In this mode, QEMU can launch processes compiled for one CPU on another CPU.\n\t\tIt can be used to launch the Wine Windows API emulator (https://www.winehq.org) or to ease\n\t\tcross-compilation and cross-debugging.\n\t\tYou can refer to https://www.qemu.org for more infortmation.\r\n\r\nSecurity Fix(es):\r\n\r\nAn integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service.(CVE-2022-3165)",
|
|
"cves": [
|
|
{
|
|
"id": "CVE-2022-3165",
|
|
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3165",
|
|
"severity": "Medium"
|
|
}
|
|
]
|
|
} |