rpm package

suse/qemu&distro=SUSE Linux Enterprise Server 12

pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012

Vulnerabilities (50)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2015-5239		—	< 2.0.2-48.19.1	2.0.2-48.19.1	Jan 23, 2020	Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
CVE-2015-5278		—	< 2.0.2-48.9.1	2.0.2-48.9.1	Jan 23, 2020	The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
CVE-2015-5745		—	< 2.0.2-48.19.1	2.0.2-48.19.1	Jan 23, 2020	Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
CVE-2015-7549	Med	6.0	< 2.0.2-48.19.1	2.0.2-48.19.1	Oct 30, 2017	The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
CVE-2015-8619	Hig	7.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Apr 13, 2017	The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
CVE-2015-8567	Hig	7.7	< 2.0.2-48.19.1	2.0.2-48.19.1	Apr 13, 2017	Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-8345	Med	6.5	< 2.0.2-48.12.1	2.0.2-48.12.1	Apr 13, 2017	The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
CVE-2015-8613	Med	6.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Apr 11, 2017	Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
CVE-2015-8568	Med	6.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Apr 11, 2017	Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
CVE-2015-8504	Med	6.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Apr 11, 2017	Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
CVE-2016-2198	Med	5.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process
CVE-2016-1981	Med	5.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated des
CVE-2016-1922	Med	5.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer de
CVE-2015-8818	Med	5.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Dec 29, 2016	The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors.
CVE-2015-8817	Med	5.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Dec 29, 2016	QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest c
CVE-2015-8745	Med	5.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulti
CVE-2015-8744	Med	5.5	< 2.0.2-48.19.1	2.0.2-48.19.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance
CVE-2015-8743	Hig	7.1	< 2.0.2-48.19.1	2.0.2-48.19.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes.
CVE-2016-4952	Med	6.0	< 2.0.2-48.19.1	2.0.2-48.19.1	Sep 2, 2016	QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING S
CVE-2016-2841	Med	6.0	< 2.0.2-48.19.1	2.0.2-48.19.1	Jun 16, 2016	The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring bu

CVE-2015-5239Jan 23, 2020
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
CVE-2015-5278Jan 23, 2020
affected < 2.0.2-48.9.1fixed 2.0.2-48.9.1
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
CVE-2015-5745Jan 23, 2020
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
CVE-2015-7549MedOct 30, 2017
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
CVE-2015-8619HigApr 13, 2017
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
CVE-2015-8567HigApr 13, 2017
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-8345MedApr 13, 2017
affected < 2.0.2-48.12.1fixed 2.0.2-48.12.1
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
CVE-2015-8613MedApr 11, 2017
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
CVE-2015-8568MedApr 11, 2017
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
CVE-2015-8504MedApr 11, 2017
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
CVE-2016-2198MedDec 29, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process
CVE-2016-1981MedDec 29, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated des
CVE-2016-1922MedDec 29, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference flaw. It occurs while doing I/O port write operations via hmp interface. In that, 'current_cpu' remains null, which leads to the null pointer de
CVE-2015-8818MedDec 29, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service (guest crash) via unspecified vectors.
CVE-2015-8817MedDec 29, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest c
CVE-2015-8745MedDec 29, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while reading Interrupt Mask Registers (IMR). A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulti
CVE-2015-8744MedDec 29, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance
CVE-2015-8743HigDec 29, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while performing 'ioport' r/w operations. A privileged (CAP_SYS_RAWIO) user/process could use this flaw to leak or corrupt QEMU memory bytes.
CVE-2016-4952MedSep 2, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING S
CVE-2016-2841MedJun 16, 2016
affected < 2.0.2-48.19.1fixed 2.0.2-48.19.1
The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring bu

Page 1 of 3