CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Veracode•added 2020/09/21 6:28 a.m.•34 views

Denial Of Service (DoS)

qemu is vulnerable to denial of service DoS. The vulnerability exists through a race condition during file renaming, through v9fswstat in hw/9pfs/9p.c...

4.7CVSS2.4AI score0.0004EPSS

Exploits0References14Affected Software2

Veracode•added 2020/09/21 6:24 a.m.•36 views

Use-After-Free

qemu is vulnerable to use-after-free. hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to for example a use-after-free outcome...

5.5CVSS2.2AI score0.00075EPSS

Exploits0References10Affected Software2

Veracode•added 2020/09/21 6:19 a.m.•31 views

Information Disclosure

QEMU is vulnerable to information disclosure. A race condition in the v9fsxattrwalk function in hw/9pfs/9p.c allows local guest OS users to obtain confidential information from host heap memory via vectors related to reading extended attributes...

5.6CVSS3.5AI score0.00028EPSS

Exploits0References5Affected Software1

Veracode•added 2020/09/21 6:18 a.m.•33 views

Denial Of Service (DoS)

qemu is vulnerable to denial of service DoS. The vulnerability exists through a memory leak in the v9fsdeviceunrealizecommon function in hw/9pfs/9p.c...

6.5CVSS2.8AI score0.00071EPSS

Exploits0References7Affected Software1

RedhatCVE•added 2020/04/08 9:46 p.m.•39 views

CVE-2018-19364

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to for example a use-after-free outcome...

5.5CVSS1.9AI score0.00075EPSS

Exploits0References2

UbuntuCve•added 2018/11/20 12:0 a.m.•27 views

CVE-2018-19364

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to for example a use-after-free outcome...

5.5CVSS6.8AI score0.00075EPSS

Exploits0References5

OSV•added 2016/12/29 10:59 p.m.•15 views

CVE-2016-9914

Memory leak in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local privileged guest OS users to cause a denial of service host memory consumption and possibly QEMU process crash by leveraging a missing cleanup operation in FileOperations...

6.5CVSS6.2AI score

Exploits0References7

Prion•added 2016/12/29 10:59 p.m.•14 views

Memory corruption

4.9CVSS6.5AI score0.00071EPSS

Exploits0References7Affected Software2

Prion•added 2016/12/10 12:59 a.m.•21 views

Directory traversal

Directory traversal vulnerability in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to access host files outside the export path via a .. dot dot in an unspecified string...

2.1CVSS6.4AI score0.00861EPSS

Exploits0References8Affected Software2

AlpineLinux•added 2016/12/09 10:0 p.m.•35 views

CVE-2016-9102

Memory leak in the v9fsxattrcreate function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption and QEMU process crash via a large number of Txattrcreate messages with the same fid number...

6CVSS6.2AI score0.0008EPSS

Exploits0

CVE•added 2016/12/09 10:0 p.m.•117 views

CVE-2016-9102

CVE-2016-9102 is a memory-leak vulnerability in QEMU's 9pfs/9p.c v9fs_xattrcreate path. The issue allows a local privileged user (guest) to trigger memory consumption escalating to a DoS by sending a large number of Txattrcreate messages with the same fid. Affected component: hw/9pfs/9p.c (v9fs_x...

6CVSS5.9AI score0.0008EPSS

Exploits0References7Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by