VIR Vulnerability Intelligence Relay

Search

Found 148 results in 44ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-7423 medium 4.4 4.4 FIX slesdebian debian qemu 10y ago The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (ou…
CVE-2016-7909 medium 4.4 4.4 FIX slesdebian debian qemu 10y ago The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1)…
CVE-2016-7908 medium 4.4 4.4 FIX slesdebian debian qemu 10y ago The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators t…
CVE-2016-7907 medium 4.4 4.4 FIX debian debian qemu 10y ago The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators t…
CVE-2016-6351 medium 6.7 6.7 FIX slesdebian debianubuntu ubuntu qemu 10y ago The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (ou…
CVE-2016-5107 medium 6.0 6.0 FIX slesdebian debianubuntu ubuntu qemu 10y ago The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds re…
CVE-2016-5106 medium 6.0 6.0 FIX slesdebian debianubuntu ubuntu qemu 10y ago The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of …
CVE-2016-5105 medium 4.4 4.4 FIX slesdebian debianubuntu ubuntu qemu 10y ago The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, uses an uninitialized variable, which allows local guest admi…
CVE-2016-4952 medium 6.0 6.0 FIX slesdebian debianubuntu ubuntu qemu 10y ago QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vec…
CVE-2016-5403 medium 5.5 5.5 FIX slesdebian debian rhel qemuredhat 10y ago The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without w…
CVE-2016-2841 medium 6.0 6.0 FIX slesubuntu ubuntudebian debian qemu 10y ago The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU proces…
CVE-2016-2392 medium 6.5 6.5 FIX ubuntu ubuntudebian debian qemu 10y ago The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administr…
CVE-2016-2391 medium 5.0 5.0 FIX slesubuntu ubuntudebian debian qemu 10y ago The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process …
CVE-2016-5337 medium 5.5 5.5 FIX slesubuntu ubuntudebian debian qemu 10y ago The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control informat…
CVE-2016-5238 medium 4.4 4.4 FIX slesubuntu ubuntudebian debian qemu 10y ago The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from t…
CVE-2016-4454 medium 6.0 6.0 FIX slesdebian debianubuntu ubuntu qemu 10y ago The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash)…
CVE-2016-4453 medium 4.4 4.4 FIX slesdebian debianubuntu ubuntu qemu 10y ago The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.
CVE-2016-4020 medium 6.5 6.5 FIX sles rhelubuntu ubuntu qemuredhat 10y ago The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory …
CVE-2016-4037 medium 6.0 6.0 FIX slesubuntu ubuntudebian debian qemu 10y ago The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous tra…
CVE-2015-8558 medium 5.5 5.5 FIX debian debian qemu 10y ago The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer de…
CVE-2016-4441 medium 6.0 6.0 FIX slesubuntu ubuntudebian debian qemu 10y ago The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of servi…
CVE-2016-4439 medium 6.7 6.7 FIX slesubuntu ubuntudebian debian qemu 10y ago The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause …
CVE-2016-3712 medium 5.5 5.5 FIX slesubuntu ubuntudebian debian qemucitrix 10y ago Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
CVE-2015-5158 medium 5.5 5.5 FIX debian debian qemu 10y ago Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance c…
CVE-2016-2858 medium 6.5 6.5 FIX slesubuntu ubuntudebian debian qemu 10y ago QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbit…
CVE-2015-7295 medium 5.0 FIX debian debianfedora fedora qemu 11y ago hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest net…
CVE-2015-3214 medium 7.9 EXPFIX debian debian linux-kernel rhel qemuredhat 11y ago The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitra…
CVE-2015-4037 low 1.9 FIX debian debian qemu 11y ago The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creati…
CVE-2015-4106 medium 4.6 FIX suse susedebian debianfedora fedora qemucitrix 11y ago QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host c…
CVE-2014-9718 medium 4.9 FIX debian debian qemu 11y ago The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS…
CVE-2014-8106 medium 4.6 FIX debian debian qemu 12y ago Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this…
CVE-2014-5388 medium 4.6 FIX ubuntu ubuntudebian debian qemu 12y ago Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact relate…
CVE-2014-7815 medium 5.0 FIX debian debiansuse suseubuntu ubuntu qemuredhat 12y ago The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
CVE-2014-3640 low 2.1 FIX debian debianubuntu ubuntu rhel qemu 12y ago The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and a…
CVE-2014-3461 medium 6.8 FIX debian debian qemu 12y ago hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."
CVE-2014-0223 medium 4.6 FIX suse susedebian debian qemu 12y ago Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, whi…
CVE-2014-3615 low 2.1 FIX slesdebian debiansuse suse qemuredhat 12y ago The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
CVE-2014-5263 medium 6.8 FIX debian debian qemu 12y ago vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infini…
CVE-2013-4544 medium 4.9 FIX ubuntu ubuntudebian debian qemu 12y ago hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers o…
CVE-2014-0150 medium 4.9 FIX rheldebian debian qemu 12y ago Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, whic…
CVE-2011-3346 medium 4.0 rhel qemu 12y ago Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest c…
CVE-2011-4111 medium 6.8 FIX rheldebian debian qemu 12y ago Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) an…
CVE-2013-4375 low 2.7 FIX debian debian qemu 13y ago The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) v…
CVE-2013-4377 low 2.3 FIX debian debian qemu 13y ago Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.
CVE-2013-2007 medium 6.9 FIX debian debian qemu 13y ago The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
CVE-2012-2652 medium 4.4 FIX debian debian qemu 14y ago The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink att…
CVE-2011-2527 low 2.1 qemu 14y ago The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted fi…
CVE-2011-0011 medium 4.3 qemu 14y ago qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions.