Vulnerabilities > Qemu

DATE CVE VULNERABILITY TITLE RISK
2022-05-11 CVE-2021-3611 Out-of-bounds Write vulnerability in multiple products
A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU.
local
low complexity
qemu redhat CWE-787
2.1
2022-05-02 CVE-2021-3750 Use After Free vulnerability in multiple products
A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU.
local
low complexity
qemu redhat CWE-416
4.6
2022-04-29 CVE-2021-4206 Incorrect Calculation of Buffer Size vulnerability in multiple products
A flaw was found in the QXL display device emulation in QEMU.
local
low complexity
qemu redhat debian CWE-131
4.6
2022-04-29 CVE-2021-4207 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in the QXL display device emulation in QEMU.
local
low complexity
qemu redhat debian CWE-120
4.6
2022-04-01 CVE-2021-20295 Out-of-bounds Read vulnerability in Qemu
It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://access.redhat.com/errata/RHSA-2020:4676) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://access.redhat.com/errata/RHSA-2020:4059).
local
low complexity
qemu CWE-125
2.1
2022-03-29 CVE-2022-1050 Use After Free vulnerability in Qemu
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device.
local
low complexity
qemu CWE-416
4.6
2022-03-25 CVE-2021-3582 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qemu
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device.
local
low complexity
qemu CWE-119
2.1
2022-03-23 CVE-2021-3748 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the virtio-net device of QEMU.
7.2
2022-03-16 CVE-2021-20257 Infinite Loop vulnerability in multiple products
An infinite loop flaw was found in the e1000 NIC emulator of the QEMU.
local
low complexity
qemu fedoraproject redhat CWE-835
2.1
2022-03-16 CVE-2022-26353 Missing Release of Resource after Effective Lifetime vulnerability in Qemu 6.2.0
A flaw was found in the virtio-net device of QEMU.
network
low complexity
qemu CWE-772
5.0