Vulnerabilities > Qemu > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-23 CVE-2015-5239 Infinite Loop vulnerability in multiple products
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
network
low complexity
qemu fedoraproject canonical suse arista CWE-835
6.5
2020-01-16 CVE-2020-7039 Out-of-bounds Write vulnerability in multiple products
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC.
network
high complexity
libslirp-project debian opensuse qemu CWE-787
5.6
2019-06-03 CVE-2019-9824 Use of Uninitialized Resource vulnerability in Qemu 3.0.0
tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.
local
low complexity
qemu CWE-908
5.5
2019-03-21 CVE-2019-6501 Out-of-bounds Write vulnerability in multiple products
In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.
local
low complexity
qemu fedoraproject CWE-787
5.5
2019-03-21 CVE-2018-18849 Out-of-bounds Read vulnerability in multiple products
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
5.5
2019-02-19 CVE-2019-3812 QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function.
local
low complexity
qemu fedoraproject canonical opensuse
5.5
2018-12-20 CVE-2018-20124 Out-of-bounds Read vulnerability in multiple products
hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
local
low complexity
qemu canonical CWE-125
5.5
2018-12-20 CVE-2018-20126 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.
local
low complexity
qemu canonical opensuse CWE-772
5.5
2018-12-17 CVE-2018-20123 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.
local
low complexity
qemu canonical fedoraproject CWE-772
5.5
2018-12-13 CVE-2018-16872 A flaw was found in qemu Media Transfer Protocol (MTP).
network
high complexity
qemu debian fedoraproject canonical opensuse
5.3