rpm package
suse/qemu&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-4207 | — | < 5.2.0-150300.115.2 | 5.2.0-150300.115.2 | Apr 29, 2022 | A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileg | ||
| CVE-2022-1050 | — | < 5.2.0-150300.121.2 | 5.2.0-150300.121.2 | Mar 29, 2022 | A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition. | ||
| CVE-2022-26354 | — | < 5.2.0-150300.115.2 | 5.2.0-150300.115.2 | Mar 16, 2022 | A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0. | ||
| CVE-2021-3638 | — | < 5.2.0-150300.127.3 | 5.2.0-150300.127.3 | Mar 3, 2022 | An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this | ||
| CVE-2021-3930 | — | < 5.2.0-150300.112.4 | 5.2.0-150300.112.4 | Feb 18, 2022 | An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a d | ||
| CVE-2021-3507 | — | < 5.2.0-150300.121.2 | 5.2.0-150300.121.2 | May 6, 2021 | A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this f |
- CVE-2021-4207Apr 29, 2022affected < 5.2.0-150300.115.2fixed 5.2.0-150300.115.2
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileg
- CVE-2022-1050Mar 29, 2022affected < 5.2.0-150300.121.2fixed 5.2.0-150300.121.2
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition.
- CVE-2022-26354Mar 16, 2022affected < 5.2.0-150300.115.2fixed 5.2.0-150300.115.2
A flaw was found in the vhost-vsock device of QEMU. In case of error, an invalid element was not detached from the virtqueue before freeing its memory, leading to memory leakage and other unexpected results. Affected QEMU versions <= 6.2.0.
- CVE-2021-3638Mar 3, 2022affected < 5.2.0-150300.127.3fixed 5.2.0-150300.127.3
An out-of-bounds memory access flaw was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling MMIO write operations when the guest provides invalid values for the destination display parameters. A malicious guest could use this
- CVE-2021-3930Feb 18, 2022affected < 5.2.0-150300.112.4fixed 5.2.0-150300.112.4
An off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a d
- CVE-2021-3507May 6, 2021affected < 5.2.0-150300.121.2fixed 5.2.0-150300.121.2
A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this f
Page 2 of 2