Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Qemu
(Qemu)Repositories |
• https://github.com/qemu/qemu
• https://github.com/bonzini/qemu • https://github.com/torvalds/linux |
#Vulnerabilities | 406 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-01-21 | CVE-2020-7211 | tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. | Libslirp, Qemu | N/A | ||
2019-12-30 | CVE-2013-2016 | A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host. | Debian_linux, Open_desktop_server, Open_enterprise_server, Qemu | N/A | ||
2020-01-02 | CVE-2013-4532 | Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | Ubuntu_linux, Debian_linux, Qemu | N/A | ||
2017-10-12 | CVE-2017-15268 | Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. | Qemu | 7.5 | ||
2019-09-06 | CVE-2019-15890 | libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c. | Libslirp, Qemu | N/A | ||
2018-11-15 | CVE-2018-18954 | The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. | Ubuntu_linux, Leap, Qemu | 5.5 | ||
2017-08-28 | CVE-2017-8380 | Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors. | Qemu | 9.8 | ||
2017-10-09 | CVE-2017-15038 | Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes. | Qemu | 5.6 | ||
2017-03-24 | CVE-2015-8556 | Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. | Qemu | 10.0 | ||
2015-08-26 | CVE-2015-4037 | The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program. | Qemu | N/A |