Qemu
(Qemu)| Repositories |
•
https://github.com/qemu/qemu
• https://github.com/torvalds/linux • https://github.com/bonzini/qemu |
| #Vulnerabilities | 310 |
| Date | ID | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2020-08-31 | CVE-2020-14364 | An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. | Debian_linux, Fedora, Qemu, Enterprise_linux, Openstack | N/A | |
| 2020-02-11 | CVE-2020-1711 | An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. | Debian_linux, Leap, Qemu, Enterprise_linux, Openstack | N/A | |
| 2020-08-11 | CVE-2020-16092 | In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. | Qemu | N/A | |
| 2020-05-27 | CVE-2020-13253 | sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. | Qemu | N/A | |
| 2017-04-11 | CVE-2015-8613 | Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. | Debian_linux, Qemu | N/A | |
| 2020-07-28 | CVE-2020-15863 | hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555. | Ubuntu_linux, Debian_linux, Qemu | N/A | |
| 2018-10-09 | CVE-2018-17958 | Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. | Ubuntu_linux, Debian_linux, Qemu, Virtualization, Virtualization_manager | N/A | |
| 2018-08-29 | CVE-2018-15746 | qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread. | Qemu | N/A | |
| 2018-06-13 | CVE-2018-11806 | m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. | Ubuntu_linux, Debian_linux, Qemu, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openstack, Virtualization | N/A | |
| 2017-05-23 | CVE-2017-8379 | Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events. | Debian_linux, Qemu, Openstack | N/A |