VYPR

rpm package

opensuse/qemu&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/qemu&distro=openSUSE%20Tumbleweed

Vulnerabilities (224)

  • CVE-2017-7471CriJul 9, 2018
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A privileged user inside guest could use this flaw to acc

  • CVE-2017-2615MedJul 3, 2018
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process result

  • CVE-2018-11806HigJun 13, 2018
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

  • CVE-2018-3639MedMay 22, 2018
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka

  • CVE-2016-9602HigApr 26, 2018
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.

  • CVE-2018-7858MedMar 12, 2018
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

  • CVE-2017-5715MedJan 4, 2018
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

  • CVE-2017-15289MedOct 16, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.

  • CVE-2017-15268HigOct 12, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c.

  • CVE-2017-15038MedOct 10, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS users to obtain sensitive information from host heap memory via vectors related to reading extended attributes.

  • CVE-2017-14167HigSep 8, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.

  • CVE-2017-13711HigSep 1, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properly clear ifq_so from pending packets.

  • CVE-2017-13673MedAug 29, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    The vga display update in mis-calculated the region for the dirty bitmap snapshot in case split screen mode is used causing a denial of service (assertion failure) in the cpu_physical_memory_snapshot_get_dirty function.

  • CVE-2017-8380CriAug 28, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 allows remote attackers to have unspecified impact via unknown vectors.

  • CVE-2014-0146MedAug 10, 2017
    affected < 2.6.1-1.5fixed 2.6.1-1.5

    The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fie

  • CVE-2014-0145HigAug 10, 2017
    affected < 2.6.1-1.5fixed 2.6.1-1.5

    Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncomp

  • CVE-2014-0143HigAug 10, 2017
    affected < 2.6.1-1.5fixed 2.6.1-1.5

    Multiple integer overflows in the block drivers in QEMU, possibly before 2.0.0, allow local users to cause a denial of service (crash) via a crafted catalog size in (1) the parallels_open function in block/parallels.c or (2) bochs_open function in bochs.c, a large L1 table in the

  • CVE-2014-0142MedAug 10, 2017
    affected < 2.6.1-1.5fixed 2.6.1-1.5

    QEMU, possibly before 2.0.0, allows local users to cause a denial of service (divide-by-zero error and crash) via a zero value in the (1) tracks field to the seek_to_sector function in block/parallels.c or (2) extent_size field in the bochs function in block/bochs.c.

  • CVE-2017-11334MedAug 2, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.

  • CVE-2017-10806MedAug 2, 2017
    affected < 6.1.0-32.1fixed 6.1.0-32.1

    Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.

Page 6 of 12