Vulnerabilities > Qemu
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-04 | CVE-2020-10717 | Allocation of Resources Without Limits or Throttling vulnerability in Qemu 5.0/5.0.0 A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0. | 6.5 |
2020-04-27 | CVE-2020-11869 | Integer Overflow or Wraparound vulnerability in Qemu An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. | 3.3 |
2020-04-06 | CVE-2020-11102 | Out-of-bounds Write vulnerability in Qemu 4.2.0 hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length. | 5.6 |
2020-03-10 | CVE-2019-15034 | Classic Buffer Overflow vulnerability in Qemu 4.0.0 hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space. | 5.8 |
2020-03-05 | CVE-2019-20382 | Memory Leak vulnerability in multiple products QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd. | 3.5 |
2020-02-11 | CVE-2020-1711 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. | 6.0 |
2020-02-11 | CVE-2013-4535 | Improper Input Validation vulnerability in multiple products The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read. | 8.8 |
2020-01-31 | CVE-2015-6815 | Infinite Loop vulnerability in multiple products The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. | 3.5 |
2020-01-23 | CVE-2015-5745 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message. | 6.5 |
2020-01-23 | CVE-2015-5278 | Infinite Loop vulnerability in multiple products The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets. | 6.5 |