Vulnerabilities > Qemu > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-04 CVE-2020-13791 Out-of-bounds Read vulnerability in Qemu
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
local
low complexity
qemu CWE-125
5.5
2020-06-04 CVE-2020-13765 Out-of-bounds Write vulnerability in multiple products
rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.
network
high complexity
qemu canonical debian CWE-787
5.6
2020-06-02 CVE-2020-13754 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.
local
low complexity
qemu canonical debian CWE-119
6.7
2020-05-27 CVE-2020-13253 Out-of-bounds Read vulnerability in multiple products
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations.
local
low complexity
qemu canonical debian CWE-125
5.5
2020-05-04 CVE-2020-10717 Allocation of Resources Without Limits or Throttling vulnerability in Qemu 5.0/5.0.0
A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0.
local
low complexity
qemu CWE-770
6.5
2020-04-06 CVE-2020-11102 Out-of-bounds Write vulnerability in Qemu 4.2.0
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
network
high complexity
qemu CWE-787
5.6
2020-03-10 CVE-2019-15034 Classic Buffer Overflow vulnerability in Qemu 4.0.0
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
local
high complexity
qemu CWE-120
5.8
2020-02-11 CVE-2020-1711 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine.
network
high complexity
qemu redhat debian opensuse CWE-787
6.0
2020-01-23 CVE-2015-5745 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
network
low complexity
qemu fedoraproject arista CWE-120
6.5
2020-01-23 CVE-2015-5278 Infinite Loop vulnerability in multiple products
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
network
low complexity
qemu fedoraproject canonical arista CWE-835
6.5