Vulnerabilities > Qemu

DATE CVE VULNERABILITY TITLE RISK
2019-02-19 CVE-2019-3812 QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function.
local
low complexity
qemu fedoraproject canonical opensuse
5.5
5.5
2018-12-20 CVE-2018-20191 NULL Pointer Dereference vulnerability in multiple products
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
network
low complexity
qemu canonical fedoraproject CWE-476
7.5
7.5
2018-12-20 CVE-2018-20124 Out-of-bounds Read vulnerability in multiple products
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
local
low complexity
qemu canonical CWE-125
5.5
5.5
2018-12-20 CVE-2018-20216 Infinite Loop vulnerability in multiple products
QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).
network
low complexity
qemu canonical CWE-835
7.5
7.5
2018-12-20 CVE-2018-20126 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.
local
low complexity
qemu canonical opensuse CWE-772
5.5
5.5
2018-12-20 CVE-2018-20125 NULL Pointer Dereference vulnerability in multiple products
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
network
low complexity
qemu canonical CWE-476
7.5
7.5
2018-12-17 CVE-2018-20123 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.
local
low complexity
qemu canonical fedoraproject CWE-772
5.5
5.5
2018-12-13 CVE-2018-16872 A flaw was found in qemu Media Transfer Protocol (MTP).
network
high complexity
qemu debian fedoraproject canonical opensuse
5.3
5.3
2018-12-13 CVE-2018-19489 Race Condition vulnerability in multiple products
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. 		4.7
4.7
2018-12-13 CVE-2018-19364 Use After Free vulnerability in multiple products
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. 		5.5
5.5