Total
413 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-10029 | 1 Qemu | 1 Qemu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts. | |||||
CVE-2016-10028 | 1 Qemu | 1 Qemu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0. | |||||
CVE-2015-8818 | 1 Qemu | 1 Qemu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors. | |||||
CVE-2015-8817 | 1 Qemu | 1 Qemu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS. | |||||
CVE-2015-8745 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS. | |||||
CVE-2015-8744 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS. | |||||
CVE-2015-8743 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes. | |||||
CVE-2015-8701 | 1 Qemu | 1 Qemu | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRAGS_MAX=16) fragments. A privileged user inside guest could use this flaw to cause memory leakage on the host or crash the QEMU process instance resulting in DoS issue. | |||||
CVE-2015-8666 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 3.3 LOW | 7.9 HIGH |
Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator. | |||||
CVE-2015-8619 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | |||||
CVE-2015-8613 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 1.9 LOW | 6.5 MEDIUM |
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command. | |||||
CVE-2015-8568 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 4.7 MEDIUM | 6.5 MEDIUM |
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly. | |||||
CVE-2015-8567 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2024-11-21 | 6.8 MEDIUM | 7.7 HIGH |
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | |||||
CVE-2015-8558 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list. | |||||
CVE-2015-8556 | 1 Qemu | 1 Qemu | 2024-11-21 | 10.0 HIGH | 10.0 CRITICAL |
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1. | |||||
CVE-2015-8504 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. | |||||
CVE-2015-8345 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | |||||
CVE-2015-7549 | 1 Qemu | 1 Qemu | 2024-11-21 | 2.1 LOW | 6.0 MEDIUM |
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method. | |||||
CVE-2015-7512 | 4 Debian, Oracle, Qemu and 1 more | 9 Debian Linux, Linux, Qemu and 6 more | 2024-11-21 | 6.8 MEDIUM | 9.0 CRITICAL |
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. | |||||
CVE-2015-7504 | 3 Debian, Qemu, Xen | 3 Debian Linux, Qemu, Xen | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode. |