Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Qemu
(Qemu)Repositories |
• https://github.com/qemu/qemu
• https://github.com/bonzini/qemu • https://github.com/torvalds/linux |
#Vulnerabilities | 406 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-06-02 | CVE-2020-13754 | hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. | Ubuntu_linux, Debian_linux, Qemu | 6.7 | ||
2020-08-31 | CVE-2020-12829 | In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service. | Ubuntu_linux, Debian_linux, Qemu | 3.8 | ||
2018-12-06 | CVE-2018-19665 | The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. | Leap, Qemu | 5.7 | ||
2016-12-23 | CVE-2016-9923 | Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS. | Qemu | 5.5 | ||
2016-12-23 | CVE-2016-9912 | Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtio_gpu_resource_destroy'. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host. | Qemu | 6.5 | ||
2016-12-23 | CVE-2016-9908 | Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET' command. A guest user/process could use this flaw to leak contents of the host memory bytes. | Qemu | 3.3 | ||
2016-12-09 | CVE-2016-9101 | Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device. | Debian_linux, Leap, Qemu | 6.0 | ||
2016-04-26 | CVE-2016-4002 | Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes. | Ubuntu_linux, Debian_linux, Fedora, Qemu | 9.8 | ||
2017-04-13 | CVE-2015-8619 | The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | Debian_linux, Qemu | 7.5 | ||
2017-04-13 | CVE-2015-8345 | The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | Debian_linux, Qemu | 6.5 |