Vulnerabilities > Qemu > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-16 | CVE-2017-9373 | Memory Leak vulnerability in multiple products Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the AHCI device. | 5.5 |
| 2017-06-08 | CVE-2017-9330 | Infinite Loop vulnerability in multiple products QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505. | 5.6 |
| 2017-06-08 | CVE-2017-9310 | Infinite Loop vulnerability in multiple products QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) outside the allocated descriptor buffer. | 5.6 |
| 2017-06-01 | CVE-2017-9060 | Memory Leak vulnerability in Qemu Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large number of "VIRTIO_GPU_CMD_SET_SCANOUT:" commands. | 5.5 |
| 2017-05-23 | CVE-2017-8379 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events. | 4.9 |
| 2017-05-17 | CVE-2017-7493 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. | 4.6 |
| 2017-05-02 | CVE-2017-8112 | Infinite Loop vulnerability in multiple products hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count. | 4.9 |
| 2017-05-02 | CVE-2017-8086 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable. | 6.5 |
| 2017-04-20 | CVE-2017-7718 | Out-of-bounds Read vulnerability in multiple products hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions. | 5.5 |
| 2017-04-13 | CVE-2015-8619 | Out-of-bounds Write vulnerability in multiple products The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | 5.0 |