Vulnerabilities > Qemu > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-04 CVE-2020-10702 Unspecified vulnerability in Qemu
A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0.
local
low complexity
qemu
5.5
2020-06-04 CVE-2020-13800 Uncontrolled Recursion vulnerability in multiple products
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.
local
low complexity
qemu canonical opensuse CWE-674
6.0
2020-06-04 CVE-2020-13791 Out-of-bounds Read vulnerability in Qemu
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
local
low complexity
qemu CWE-125
5.5
2020-06-04 CVE-2020-13765 Out-of-bounds Write vulnerability in multiple products
rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.
network
high complexity
qemu canonical debian CWE-787
5.6
2020-06-02 CVE-2020-13754 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.
local
low complexity
qemu canonical debian CWE-119
6.7
2020-05-27 CVE-2020-13253 Out-of-bounds Read vulnerability in multiple products
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations.
local
low complexity
qemu canonical debian CWE-125
5.5
2020-05-04 CVE-2020-10717 Allocation of Resources Without Limits or Throttling vulnerability in Qemu 5.0/5.0.0
A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0.
local
low complexity
qemu CWE-770
6.5
2020-04-06 CVE-2020-11102 Out-of-bounds Write vulnerability in Qemu 4.2.0
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
network
high complexity
qemu CWE-787
5.6
2020-03-10 CVE-2019-15034 Classic Buffer Overflow vulnerability in Qemu 4.0.0
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.
local
high complexity
qemu CWE-120
5.8
2020-02-11 CVE-2020-1711 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine.
network
high complexity
qemu redhat debian opensuse CWE-787
6.0