Virtualization Project – Gentoo Packages

Security Bug Reports

app-emulation/qemu: NULL pointer derefrence issues (CVE-2020-{25741,25742,25743})

745396 - Assigned to security
<app-emulation/spice-vdagent-0.21.0: Multiple vulnerabilities (CVE-2020-{25650,25651,25652,25653})

753956 - Assigned to security
<net-misc/openvswitch-2.14.1: Denial of service (CVE-2020-27827)

765346 - Assigned to security
<net-misc/openvswitch-2.15.0: limitation in the OVS packet parsing in userspace leads to DoS (CVE-2020-35498)

769995 - Assigned to security
<sys-firmware/edk2-ovmf-202105: privilege escalation with local access (CVE-2019-14584)

797232 - Assigned to security
<sys-firmware/edk2-ovmf-202105: heap overflow vulnerability (CVE-2021-28211)

797703 - Assigned to security
<net-misc/openvswitch-2.17.2: multiple vulnerabilities

803107 - Assigned to security
<sys-apps/usbredir-0.12.0: use-after-free

834010 - Assigned to security
<app-emulation/libvirt-8.2.0: unprivileged daemon DoS

836128 - Assigned to security
<app-emulation/qemu-7.1.0: multiple vulnerabilities

857657 - Assigned to security
app-emulation/qemu: multiple vulnerabilities

865121 - Assigned to security
net-misc/openvswitch: DoS via crafted packet

869365 - Assigned to security
app-emulation/qemu: multiple vulnerabilities

877609 - Assigned to security
sys-firmware/ipxe: padding oracle attack vulnerability

882393 - Assigned to security
<app-emulation/qemu-7.2.0_rc3: multiple vulnerabilities

883693 - Assigned to security
net-misc/openvswitch: LLDP underflow

887561 - Assigned to security
<app-containers/lxc-5.0.2: file existence disclosure

889284 - Assigned to security

Contact Information

Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.

Gentoo Project Virtualization Project

Security Bug Reports

Contact Information

Gentoo Project

Virtualization Project