CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
52.9%
A vulnerability in QEMU’s USB EHCI controller emulation is related to the lack of checks if the buffer pointer overlaps with the MMIO register when transmitting USB packets.
the buffer pointer overlaps with the MMIO region when transmitting USB packets. Exploitation of the vulnerability could allow
an attacker to cause a denial of service
The QEMU server virtio-net interface vulnerability is related to the asynchronous nature of the shutdown, allowing a
race scenario. Exploitation of the vulnerability could allow an attacker to cause a denial of service
Vulnerability in the inflate_buffer() function of the QEMU server VNC is related to an invalid exit condition leading to an
an infinite loop when inflating the zlib buffer. Exploitation of the vulnerability could allow an intruder,
acting remotely, to cause a denial of service
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
52.9%