rpm package

suse/qemu&distro=SUSE Linux Enterprise Server 12 SP1

pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1

Vulnerabilities (85)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2015-5745		—	< 2.3.1-14.1	2.3.1-14.1	Jan 23, 2020	Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
CVE-2017-2620		—	< 2.3.1-32.11	2.3.1-32.11	Jul 27, 2018	Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU pro
CVE-2017-2615		—	< 2.3.1-32.11	2.3.1-32.11	Jul 2, 2018	Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process result
CVE-2015-7549	Med	6.0	< 2.3.1-14.1	2.3.1-14.1	Oct 30, 2017	The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
CVE-2015-8619	Hig	7.5	< 2.3.1-14.1	2.3.1-14.1	Apr 13, 2017	The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
CVE-2015-8567	Hig	7.7	< 2.3.1-14.1	2.3.1-14.1	Apr 13, 2017	Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-8345	Med	6.5	< 2.3.1-7.7	2.3.1-7.7	Apr 13, 2017	The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
CVE-2015-8613	Med	6.5	< 2.3.1-14.1	2.3.1-14.1	Apr 11, 2017	Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
CVE-2015-8568	Med	6.5	< 2.3.1-14.1	2.3.1-14.1	Apr 11, 2017	Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
CVE-2015-8504	Med	6.5	< 2.3.1-14.1	2.3.1-14.1	Apr 11, 2017	Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
CVE-2016-9922	Med	5.5	< 2.3.1-32.11	2.3.1-32.11	Mar 27, 2017	The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
CVE-2017-5856	Med	6.5	< 2.3.1-32.11	2.3.1-32.11	Mar 16, 2017	Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over
CVE-2017-5667	Med	6.5	< 2.3.1-32.11	2.3.1-32.11	Mar 16, 2017	The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer
CVE-2017-5898	Med	5.5	< 2.3.1-32.11	2.3.1-32.11	Mar 15, 2017	Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units
CVE-2017-5526	Med	6.5	< 2.3.1-32.11	2.3.1-32.11	Mar 15, 2017	Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-5525	Med	6.5	< 2.3.1-32.11	2.3.1-32.11	Mar 15, 2017	Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2016-10155	Med	6.0	< 2.3.1-32.11	2.3.1-32.11	Mar 15, 2017	Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2016-9776	Med	5.5	< 2.3.1-32.11	2.3.1-32.11	Dec 29, 2016	QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process
CVE-2016-2198	Med	5.5	< 2.3.1-14.1	2.3.1-14.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process
CVE-2016-2197	Med	5.5	< 2.3.1-14.1	2.3.1-14.1	Dec 29, 2016	QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside guest could use this flaw to crash t

CVE-2015-5745Jan 23, 2020
affected < 2.3.1-14.1fixed 2.3.1-14.1
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
CVE-2017-2620Jul 27, 2018
affected < 2.3.1-32.11fixed 2.3.1-32.11
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU pro
CVE-2017-2615Jul 2, 2018
affected < 2.3.1-32.11fixed 2.3.1-32.11
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process result
CVE-2015-7549MedOct 30, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
CVE-2015-8619HigApr 13, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
CVE-2015-8567HigApr 13, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-8345MedApr 13, 2017
affected < 2.3.1-7.7fixed 2.3.1-7.7
The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.
CVE-2015-8613MedApr 11, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
CVE-2015-8568MedApr 11, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.
CVE-2015-8504MedApr 11, 2017
affected < 2.3.1-14.1fixed 2.3.1-14.1
Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.
CVE-2016-9922MedMar 27, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving blit pitch values.
CVE-2017-5856MedMar 16, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over
CVE-2017-5667MedMar 16, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer
CVE-2017-5898MedMar 15, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Integer overflow in the emulated_apdu_from_guest function in usb/dev-smartcard-reader.c in Quick Emulator (Qemu), when built with the CCID Card device emulator support, allows local users to cause a denial of service (application crash) via a large Application Protocol Data Units
CVE-2017-5526MedMar 15, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-5525MedMar 15, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2016-10155MedMar 15, 2017
affected < 2.3.1-32.11fixed 2.3.1-32.11
Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2016-9776MedDec 29, 2016
affected < 2.3.1-32.11fixed 2.3.1-32.11
QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process
CVE-2016-2198MedDec 29, 2016
affected < 2.3.1-14.1fixed 2.3.1-14.1
QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process
CVE-2016-2197MedDec 29, 2016
affected < 2.3.1-14.1fixed 2.3.1-14.1
QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside guest could use this flaw to crash t

Page 1 of 5