Vulnerabilities > Qemu > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-12 | CVE-2017-15268 | Missing Release of Resource after Effective Lifetime vulnerability in Qemu Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. | 5.0 |
| 2017-09-01 | CVE-2017-13711 | Use After Free vulnerability in multiple products Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properly clear ifq_so from pending packets. | 5.0 |
| 2017-08-29 | CVE-2017-13673 | Reachable Assertion vulnerability in Qemu 2.8.0/2.9.0 The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function. | 6.5 |
| 2017-08-10 | CVE-2014-0146 | NULL Pointer Dereference vulnerability in Qemu The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields. | 5.5 |
| 2017-08-10 | CVE-2014-0142 | Divide By Zero vulnerability in Qemu QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c. | 5.5 |
| 2017-08-02 | CVE-2017-10664 | qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt. | 5.0 |
| 2017-07-25 | CVE-2017-7980 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation. | 4.6 |
| 2017-07-06 | CVE-2017-9524 | Improper Input Validation vulnerability in multiple products The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function. | 5.0 |
| 2017-06-16 | CVE-2017-9375 | Infinite Loop vulnerability in multiple products QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing. | 5.5 |
| 2017-06-16 | CVE-2017-9374 | Memory Leak vulnerability in Qemu Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device. | 5.5 |