Vulnerabilities > Qemu > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-04 | CVE-2020-10702 | Unspecified vulnerability in Qemu A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. | 5.5 |
| 2020-06-04 | CVE-2020-13800 | Uncontrolled Recursion vulnerability in multiple products ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call. | 6.0 |
| 2020-06-04 | CVE-2020-13791 | Out-of-bounds Read vulnerability in Qemu hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space. | 5.5 |
| 2020-06-04 | CVE-2020-13765 | Out-of-bounds Write vulnerability in multiple products rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation. | 5.6 |
| 2020-06-02 | CVE-2020-13754 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. | 6.7 |
| 2020-05-27 | CVE-2020-13253 | Out-of-bounds Read vulnerability in multiple products sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. | 5.5 |
| 2020-05-04 | CVE-2020-10717 | Allocation of Resources Without Limits or Throttling vulnerability in Qemu 5.0/5.0.0 A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0. | 6.5 |
| 2020-04-06 | CVE-2020-11102 | Out-of-bounds Write vulnerability in Qemu 4.2.0 hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length. | 5.6 |
| 2020-03-10 | CVE-2019-15034 | Classic Buffer Overflow vulnerability in Qemu 4.0.0 hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space. | 5.8 |
| 2020-02-11 | CVE-2020-1711 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. | 6.0 |