Vulnerabilities > Qemu > Low

DATE CVE VULNERABILITY TITLE RISK
2022-08-17 CVE-2020-14394 Infinite Loop vulnerability in multiple products
An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring.
local
low complexity
qemu fedoraproject redhat CWE-835
3.2
2022-03-16 CVE-2022-26354 A flaw was found in the vhost-vsock device of QEMU.
local
low complexity
qemu debian
3.2
2021-03-23 CVE-2021-3392 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the MegaRAID emulator of QEMU.
local
low complexity
qemu fedoraproject debian CWE-416
3.2
2021-03-09 CVE-2021-20263 Unspecified vulnerability in Qemu
A flaw was found in the virtio-fs shared file system daemon (virtiofsd) of QEMU.
local
low complexity
qemu
3.3
2021-02-25 CVE-2021-20203 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0.
local
low complexity
qemu fedoraproject debian CWE-190
3.2
2021-01-26 CVE-2020-29443 Out-of-bounds Read vulnerability in multiple products
ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.
local
high complexity
qemu debian CWE-125
3.9
2020-12-31 CVE-2020-11947 Out-of-bounds Read vulnerability in Qemu 4.1.0
iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.
local
low complexity
qemu CWE-125
3.8
2020-12-02 CVE-2020-25723 A reachable assertion issue was found in the USB EHCI emulation code of QEMU.
local
low complexity
qemu debian
3.2
2020-10-06 CVE-2020-25742 NULL Pointer Dereference vulnerability in Qemu
pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.
local
low complexity
qemu CWE-476
3.2
2020-10-06 CVE-2020-25743 NULL Pointer Dereference vulnerability in multiple products
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.
local
low complexity
qemu redhat CWE-476
3.2