Vulnerabilities > Qemu > Qemu > 2.10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-13 | CVE-2018-11806 | Out-of-bounds Write vulnerability in multiple products m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. | 7.2 |
| 2018-03-12 | CVE-2018-7858 | Out-of-bounds Read vulnerability in multiple products Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. | 2.1 |
| 2018-03-01 | CVE-2018-7550 | Out-of-bounds Write vulnerability in multiple products The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. | 8.8 |
| 2018-01-31 | CVE-2017-18043 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash). | 5.5 |
| 2018-01-23 | CVE-2018-5683 | Out-of-bounds Read vulnerability in multiple products The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. | 2.1 |
| 2018-01-09 | CVE-2017-15124 | Allocation of Resources Without Limits or Throttling vulnerability in Qemu VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. | 7.5 |
| 2017-12-07 | CVE-2017-17381 | Divide By Zero vulnerability in multiple products The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings. | 2.1 |
| 2017-11-17 | CVE-2017-16845 | Improper Input Validation vulnerability in multiple products hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access. | 6.4 |
| 2017-10-16 | CVE-2017-15289 | Out-of-bounds Write vulnerability in Qemu The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation. | 2.1 |
| 2017-10-12 | CVE-2017-15268 | Missing Release of Resource after Effective Lifetime vulnerability in Qemu Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. | 5.0 |