3.0.0

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-13	CVE-2018-16872	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP). network high complexity qemu debian fedoraproject canonical opensuse CWE-367	5.3
2018-12-13	CVE-2018-19489	Race Condition vulnerability in multiple products v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. local high complexity qemu debian fedoraproject canonical opensuse CWE-362	4.7
2018-12-13	CVE-2018-19364	Use After Free vulnerability in multiple products hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. local low complexity qemu canonical debian fedoraproject opensuse CWE-416	5.5
2018-12-12	CVE-2018-16867	Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. local high complexity qemu fedoraproject canonical CWE-362	7.8
2018-12-06	CVE-2018-19665	Integer Overflow or Wraparound vulnerability in multiple products The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption. low complexity qemu opensuse CWE-190	2.7
2018-11-15	CVE-2018-18954	Out-of-bounds Read vulnerability in multiple products The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory. local low complexity qemu canonical opensuse CWE-125	2.1
2018-11-02	CVE-2018-16847	Out-of-bounds Read vulnerability in multiple products An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. local low complexity qemu canonical CWE-125	4.6
2018-10-16	CVE-2018-10839	Stack-based Buffer Overflow vulnerability in multiple products Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. network low complexity qemu canonical debian CWE-121	6.5
2018-10-09	CVE-2018-17963	Integer Overflow or Wraparound vulnerability in multiple products qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. network low complexity qemu debian canonical redhat CWE-190	7.5
2018-10-09	CVE-2018-17958	Integer Overflow or Wraparound vulnerability in multiple products Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. network low complexity qemu canonical debian redhat CWE-190	5.0