Virtualization Project – Gentoo Packages

Security Bug Reports

app-emulation/qemu: NULL pointer derefrence issues (CVE-2020-{25741,25742,25743})

745396 - Assigned to Gentoo Security
<sys-firmware/edk2-ovmf-202105: privilege escalation with local access (CVE-2019-14584)

797232 - Assigned to Gentoo Security
<sys-firmware/edk2-ovmf-202105: heap overflow vulnerability (CVE-2021-28211)

797703 - Assigned to Gentoo Security
<sys-apps/usbredir-0.12.0: use-after-free

834010 - Assigned to Gentoo Security
<app-emulation/qemu-7.1.0: multiple vulnerabilities

857657 - Assigned to Gentoo Security
<app-emulation/qemu-8.0.0: multiple vulnerabilities

865121 - Assigned to Gentoo Security
net-misc/openvswitch: DoS via crafted packet

869365 - Assigned to Gentoo Security
app-emulation/qemu: multiple vulnerabilities

877609 - Assigned to Gentoo Security
<sys-firmware/ipxe-1.21.1_p20230601: padding oracle attack vulnerability

882393 - Assigned to Gentoo Security
<app-emulation/qemu-7.2.0_rc3: multiple vulnerabilities

883693 - Assigned to Gentoo Security
<app-containers/lxc-5.0.2: file existence disclosure

889284 - Assigned to Gentoo Security
<dev-libs/libtpms-0.9.6: Out-of-bounds access

898504 - Assigned to Gentoo Security
app-emulation/qemu: multiple vulnerabilities

905342 - Assigned to Gentoo Security
<app-emulation/libvirt-9.3.0: large memory leak

908042 - Assigned to Gentoo Security
<app-emulation/qemu-7.2.3-r1: Insufficient access control in 9pfs

909542 - Assigned to Gentoo Security
<app-emulation/libvirt-{9.3.0-r1,9.4.0-r4,9.5.0-r1,9.6.0}: libvirt daemon crash

916497 - Assigned to Gentoo Security

Contact Information

Please file new vulnerability reports on Gentoo Bugzilla and assign them to the Gentoo Security product and Vulnerabilities component.

Gentoo Project Virtualization Project

Security Bug Reports

Contact Information

Gentoo Project

Virtualization Project