Filtered by vendor Qemu
Subscribe
Total
419 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-16845 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-09-10 | 6.4 MEDIUM | 10.0 CRITICAL |
| hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access. | |||||
| CVE-2015-8568 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-09-10 | 4.7 MEDIUM | 6.5 MEDIUM |
| Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. | |||||
| CVE-2017-8112 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-09-10 | 4.9 MEDIUM | 6.5 MEDIUM |
| hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count. | |||||
| CVE-2018-15746 | 1 Qemu | 1 Qemu | 2020-09-10 | 2.1 LOW | 5.5 MEDIUM |
| qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread. | |||||
| CVE-2018-17958 | 4 Canonical, Debian, Qemu and 1 more | 6 Ubuntu Linux, Debian Linux, Qemu and 3 more | 2020-09-10 | 5.0 MEDIUM | 7.5 HIGH |
| Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | |||||
| CVE-2015-4106 | 6 Canonical, Citrix, Debian and 3 more | 8 Ubuntu Linux, Xenserver, Debian Linux and 5 more | 2020-09-09 | 4.6 MEDIUM | N/A |
| QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors. | |||||
| CVE-2015-7295 | 3 Debian, Fedoraproject, Qemu | 3 Debian Linux, Fedora, Qemu | 2020-09-09 | 5.0 MEDIUM | N/A |
| hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface. | |||||
| CVE-2015-8567 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2020-09-09 | 6.8 MEDIUM | 7.7 HIGH |
| Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | |||||
| CVE-2015-5158 | 1 Qemu | 1 Qemu | 2020-09-08 | 2.1 LOW | 5.5 MEDIUM |
| Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor block. | |||||
| CVE-2018-17962 | 6 Canonical, Debian, Oracle and 3 more | 6 Ubuntu Linux, Debian Linux, Linux and 3 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | |||||
| CVE-2013-2016 | 3 Debian, Novell, Qemu | 4 Debian Linux, Open Desktop Server, Open Enterprise Server and 1 more | 2020-08-18 | 6.9 MEDIUM | 7.8 HIGH |
| A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host. | |||||
| CVE-2013-4344 | 4 Canonical, Opensuse, Qemu and 1 more | 8 Ubuntu Linux, Opensuse, Qemu and 5 more | 2020-08-11 | 7.2 HIGH | N/A |
| Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. | |||||
| CVE-2019-15034 | 1 Qemu | 1 Qemu | 2020-05-28 | 4.4 MEDIUM | 5.8 MEDIUM |
| hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space. | |||||
| CVE-2016-4441 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-05-14 | 2.1 LOW | 6.0 MEDIUM |
| The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command. | |||||
| CVE-2016-4439 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-05-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors. | |||||
| CVE-2018-16847 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2020-05-14 | 4.6 MEDIUM | 7.8 HIGH |
| An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process. | |||||
| CVE-2016-4454 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-05-14 | 3.6 LOW | 6.0 MEDIUM |
| The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read. | |||||
| CVE-2016-4453 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-05-14 | 4.9 MEDIUM | 4.4 MEDIUM |
| The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command. | |||||
| CVE-2020-11102 | 1 Qemu | 1 Qemu | 2020-05-13 | 6.8 MEDIUM | 5.6 MEDIUM |
| hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length. | |||||
| CVE-2018-20124 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2020-05-12 | 2.1 LOW | 5.5 MEDIUM |
| hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. | |||||