Vulnerabilities > Qemu

DATE CVE VULNERABILITY TITLE RISK
2017-03-15 CVE-2017-6505 Infinite Loop vulnerability in Qemu
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.
local
low complexity
qemu CWE-835
6.5
2017-02-27 CVE-2016-10029 Out-of-bounds Read vulnerability in Qemu
The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts.
local
low complexity
qemu CWE-125
5.5
2017-02-27 CVE-2016-10028 Out-of-bounds Read vulnerability in Qemu
The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0.
local
low complexity
qemu CWE-125
5.5
2017-01-23 CVE-2016-9381 Race Condition vulnerability in multiple products
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
local
high complexity
qemu citrix CWE-362
7.5
2016-12-29 CVE-2016-9916 Memory Leak vulnerability in multiple products
Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.
local
low complexity
qemu debian CWE-401
6.5
2016-12-29 CVE-2016-9915 Memory Leak vulnerability in multiple products
Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.
local
low complexity
qemu debian CWE-401
6.5
2016-12-29 CVE-2016-9914 Memory Leak vulnerability in multiple products
Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.
local
low complexity
qemu debian CWE-401
6.5
2016-12-29 CVE-2016-9913 Memory Leak vulnerability in Qemu
Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) via vectors involving the order of resource cleanup.
local
low complexity
qemu CWE-401
6.5
2016-12-29 CVE-2016-9846 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qemu
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue.
local
low complexity
qemu CWE-119
6.5
2016-12-29 CVE-2016-9845 Information Exposure vulnerability in Qemu
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue.
local
low complexity
qemu CWE-200
6.5