VYPR

Qemu

by QEMU

Source repositories

CVEs (438)

  • CVE-2015-8504MedApr 11, 2017
    risk 0.42cvss 6.5epss 0.03

    Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.

  • CVE-2017-5857MedMar 16, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching…

  • CVE-2017-5856MedMar 16, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) via MegaRAID Firmware Interface (MFI) commands with the sglist size set to a value over…

  • CVE-2017-5667MedMar 16, 2017
    risk 0.42cvss 6.5epss 0.00

    The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data…

  • CVE-2017-5579MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the serial_exit_core function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2017-5578MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the virtio_gpu_resource_attach_backing function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

  • CVE-2017-5552MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the virgl_resource_attach_backing function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_ATTACH_BACKING commands.

  • CVE-2017-5526MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2017-5525MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.

  • CVE-2017-6505MedMar 15, 2017
    risk 0.42cvss 6.5epss 0.00

    The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than…

  • CVE-2016-9916MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.

  • CVE-2016-9915MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the handle backend.

  • CVE-2016-9914MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in FileOperations.

  • CVE-2016-9913MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) via vectors involving the order of resource cleanup.

  • CVE-2016-9846MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in update_cursor_data_virgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS…

  • CVE-2016-9845MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes.

  • CVE-2015-8701MedDec 29, 2016
    risk 0.42cvss 6.5epss 0.00

    QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRAGS_MAX=16) fragments. A…

  • CVE-2016-9921MedDec 23, 2016
    risk 0.42cvss 6.5epss 0.00

    Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process…

  • CVE-2016-9912MedDec 23, 2016
    risk 0.42cvss 6.5epss 0.00

    Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while destroying gpu resource object in 'virtio_gpu_resource_destroy'. A guest user/process could use this flaw to leak host memory bytes, resulting in…

  • CVE-2016-9911MedDec 23, 2016
    risk 0.42cvss 6.5epss 0.00

    Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

Page 4 of 22