Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2007-10-30 | CVE-2007-5729 | The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0_TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of "NE2000 network driver and the socket code," but this is the correct identifier for the mtu overflow vulnerability. | Debian_linux, Opensuse, Qemu | N/A | ||
| 2007-05-02 | CVE-2007-1366 | QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error. | Debian_linux, Qemu | N/A | ||
| 2007-05-02 | CVE-2007-1322 | QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction. | Debian_linux, Qemu | N/A | ||
| 2007-05-02 | CVE-2007-1320 | Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow. | Debian_linux, Fedora, Fedora_core, Opensuse, Qemu | N/A | ||
| 2007-10-30 | CVE-2007-1321 | Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier was inadvertently used by some sources to cover multiple issues that were labeled "NE2000 network driver and the socket code," but separate identifiers have been created for the individual... | Debian_linux, Fedora, Fedora_core, Qemu | N/A | ||
| 2016-12-09 | CVE-2016-9101 | Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device. | Debian_linux, Leap, Qemu | 6.0 | ||
| 2016-04-26 | CVE-2016-4002 | Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes. | Ubuntu_linux, Debian_linux, Fedora, Qemu | 9.8 | ||
| 2017-04-13 | CVE-2015-8619 | The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | Debian_linux, Qemu | 7.5 | ||
| 2017-04-13 | CVE-2015-8345 | The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | Debian_linux, Qemu | 6.5 | ||
| 2000-12-19 | CVE-2000-0888 | named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug." | Debian_linux, Bind | N/A |