Filtered by vendor Qemu
Subscriptions
Filtered by product Qemu
Subscriptions
Total
413 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-4151 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-08-06 | N/A |
The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write. | ||||
CVE-2013-2016 | 3 Debian, Novell, Qemu | 4 Debian Linux, Open Desktop Server, Open Enterprise Server and 1 more | 2024-08-06 | 7.8 High |
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host. | ||||
CVE-2013-2007 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2024-08-06 | N/A |
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files. | ||||
CVE-2014-9718 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-08-06 | N/A |
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS denial of service (memory consumption or infinite loop, and system crash) via a PRDT with zero complete sectors, related to the bmdma_prepare_buf and ahci_dma_prepare_buf functions. | ||||
CVE-2014-8106 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-08-06 | N/A |
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320. | ||||
CVE-2014-7815 | 5 Canonical, Debian, Qemu and 2 more | 12 Ubuntu Linux, Debian Linux, Qemu and 9 more | 2024-08-06 | N/A |
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value. | ||||
CVE-2014-7840 | 2 Qemu, Redhat | 8 Qemu, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-08-06 | N/A |
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data. | ||||
CVE-2014-5388 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2024-08-06 | N/A |
Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption. | ||||
CVE-2014-5263 | 1 Qemu | 1 Qemu | 2024-08-06 | N/A |
vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors. | ||||
CVE-2014-3640 | 4 Canonical, Debian, Qemu and 1 more | 8 Ubuntu Linux, Debian Linux, Qemu and 5 more | 2024-08-06 | N/A |
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket. | ||||
CVE-2014-3689 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2024-08-06 | N/A |
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling. | ||||
CVE-2014-3615 | 5 Canonical, Debian, Opensuse and 2 more | 13 Ubuntu Linux, Debian Linux, Opensuse and 10 more | 2024-08-06 | N/A |
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution. | ||||
CVE-2014-3461 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-08-06 | N/A |
hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks." | ||||
CVE-2014-3471 | 1 Qemu | 1 Qemu | 2024-08-06 | N/A |
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices. | ||||
CVE-2014-2894 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-08-06 | N/A |
Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption. | ||||
CVE-2014-0223 | 3 Qemu, Redhat, Suse | 4 Qemu, Enterprise Linux, Openstack and 1 more | 2024-08-06 | N/A |
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read. | ||||
CVE-2014-0182 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-08-06 | N/A |
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image. | ||||
CVE-2014-0222 | 3 Qemu, Redhat, Suse | 4 Qemu, Enterprise Linux, Openstack and 1 more | 2024-08-06 | N/A |
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image. | ||||
CVE-2014-0150 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-08-06 | N/A |
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow. | ||||
CVE-2014-0146 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-08-06 | N/A |
The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields. |