Filtered by vendor Qemu
Subscriptions
Filtered by product Qemu
Subscriptions
Total
411 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-13672 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 5.5 Medium |
| QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update. | ||||
| CVE-2017-9503 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 5.5 Medium |
| QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas command processing. | ||||
| CVE-2017-11334 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 4.4 Medium |
| The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area. | ||||
| CVE-2017-17381 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 6.5 Medium |
| The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings. | ||||
| CVE-2016-2198 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 5.5 Medium |
| QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS. | ||||
| CVE-2017-11434 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-11-10 | 5.5 Medium |
| The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string. | ||||
| CVE-2016-7907 | 1 Qemu | 1 Qemu | 2020-11-10 | 4.4 Medium |
| The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags. | ||||
| CVE-2014-0150 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2020-11-02 | N/A |
| Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow. | ||||
| CVE-2011-2527 | 1 Qemu | 1 Qemu | 2020-11-02 | N/A |
| The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host. | ||||
| CVE-2008-2382 | 2 Kvm Qumranet, Qemu | 2 Kvm, Qemu | 2020-11-02 | N/A |
| The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message. | ||||
| CVE-2008-0928 | 1 Qemu | 1 Qemu | 2020-11-02 | N/A |
| Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine. | ||||
| CVE-2011-0011 | 1 Qemu | 1 Qemu | 2020-11-02 | N/A |
| qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions. | ||||
| CVE-2015-8743 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-10-29 | 7.1 High |
| QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes. | ||||
| CVE-2017-13711 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-10-29 | 7.5 High |
| Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properly clear ifq_so from pending packets. | ||||
| CVE-2017-9524 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-10-29 | 7.5 High |
| The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function. | ||||
| CVE-2016-9381 | 2 Citrix, Qemu | 2 Xenserver, Qemu | 2020-10-23 | 7.5 High |
| Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability. | ||||
| CVE-2017-7493 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-10-23 | 7.8 High |
| Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could use this flaw to escalate their privileges inside guest. | ||||
| CVE-2016-5105 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-10-21 | 4.4 Medium |
| The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command. | ||||
| CVE-2016-4952 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-10-21 | 6.0 Medium |
| QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command. | ||||
| CVE-2016-5238 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-10-21 | 4.4 Medium |
| The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode. | ||||