Vulnerabilities > Qemu > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-12-13 CVE-2018-19489 Race Condition vulnerability in multiple products
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
4.7
2018-12-13 CVE-2018-19364 Use After Free vulnerability in multiple products
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
5.5
2018-12-06 CVE-2018-19665 Integer Overflow or Wraparound vulnerability in multiple products
The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption.
low complexity
qemu opensuse CWE-190
5.7
2018-11-15 CVE-2018-18954 Out-of-bounds Write vulnerability in multiple products
The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.
local
low complexity
qemu canonical opensuse CWE-787
5.5
2018-10-19 CVE-2018-18438 Integer Overflow or Wraparound vulnerability in multiple products
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
local
low complexity
qemu redhat CWE-190
5.5
2018-10-16 CVE-2018-10839 Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue.
network
low complexity
qemu canonical debian
6.5
2018-08-29 CVE-2018-15746 Unspecified vulnerability in Qemu
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
local
low complexity
qemu
5.5
2018-07-27 CVE-2017-2633 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver.
network
low complexity
qemu redhat CWE-787
6.5
2018-03-12 CVE-2018-7858 Out-of-bounds Read vulnerability in multiple products
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.
local
low complexity
qemu opensuse redhat canonical CWE-125
5.5
2018-01-31 CVE-2017-18043 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
local
low complexity
qemu debian canonical CWE-190
5.5