Vulnerabilities > Qemu

DATE CVE VULNERABILITY TITLE RISK
2020-05-04 CVE-2020-10717 Allocation of Resources Without Limits or Throttling vulnerability in Qemu 5.0/5.0.0
A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0.
local
low complexity
qemu CWE-770
6.5
2020-04-27 CVE-2020-11869 Integer Overflow or Wraparound vulnerability in Qemu
An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation.
local
low complexity
qemu CWE-190
3.3
2020-04-06 CVE-2020-11102 Out-of-bounds Write vulnerability in Qemu 4.2.0
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
network
high complexity
qemu CWE-787
5.6
2020-03-10 CVE-2019-15034 Classic Buffer Overflow vulnerability in Qemu 4.0.0
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
local
high complexity
qemu CWE-120
5.8
2020-03-05 CVE-2019-20382 Memory Leak vulnerability in multiple products
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.
3.5
2020-02-11 CVE-2020-1711 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine.
network
high complexity
qemu redhat debian opensuse CWE-787
6.0
2020-02-11 CVE-2013-4535 Improper Input Validation vulnerability in multiple products
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.
local
low complexity
qemu redhat CWE-20
8.8
2020-01-31 CVE-2015-6815 Infinite Loop vulnerability in multiple products
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
3.5
2020-01-23 CVE-2015-5745 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
network
low complexity
qemu fedoraproject arista CWE-120
6.5
2020-01-23 CVE-2015-5278 Infinite Loop vulnerability in multiple products
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
network
low complexity
qemu fedoraproject canonical arista CWE-835
6.5