
91 matches found

Microsoft CVE
added 2025/10/02 6:11 a.m. | 5 views

A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.

...

CVSS 6 | AI score 7 | EPSS 0.00335
Exploits 0

Positive Technologies
added 2024/07/05 12:0 a.m. | 3 views

PT-2024-7651

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified). Description: A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections table data within RSS becomes controllable. Setting excessively...

CVSS 8.2 | AI score 6.9 | EPSS 0.01027
Exploits 2 | References 54

Tenable Nessus
added 2024/05/14 12:0 a.m. | 34 views

Rocky Linux 9 : qemu-kvm (RLSA-2024:2135)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2135 advisory. - A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest...

CVSS 7 | AI score 6.9 | EPSS 0.01405
Exploits 1 | References 11

Tenable Nessus
added 2024/01/10 12:0 a.m. | 41 views

RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:0135)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0135 advisory. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packag...

CVSS 6.5 | AI score 6.8 | EPSS 0.00302
Exploits 0 | References 5

UbuntuCve
added 2023/09/11 12:0 a.m. | 37 views

CVE-2023-42467

QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately...

CVSS 5.5 | AI score 6.8 | EPSS 0.00376
Exploits 1 | References 3

NVD
added 2023/07/24 4:15 p.m. | 16 views

CVE-2023-3019

A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service...

CVSS 6.5 | AI score 6.1 | EPSS 0.00302
Exploits 0 | References 9

Prion
added 2023/07/24 4:15 p.m. | 21 views

Design/Logic Flaw

A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service...

CVSS 1.7 | AI score 6.2 | EPSS 0.00302
Exploits 0 | References 6 | Affected Software 2

Cvelist
added 2023/07/24 3:19 p.m. | 22 views

CVE-2023-3019 Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest()

A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service...

CVSS 6 | AI score 6.7 | EPSS 0.00302
Exploits 0 | References 6

F5 Networks
added 2023/02/21 6:35 p.m. | 41 views

K57536416: Kernel vulnerability CVE-2019-14835

Security Advisory Description A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid...

CVSS 7.8 | AI score 7.5 | EPSS 0.00627
Exploits 1

F5 Networks
added 2023/02/21 6:9 p.m. | 48 views

K16620: QEMU vulnerability CVE-2015-3456

Security Advisory Description An out-of-bounds memory access flaw, also known as "VENOM," was found in the way QEMU's virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially...

CVSS 7.7 | AI score 8.2 | EPSS 0.15275
Exploits 1 | Affected Software 13

SUSE CVE
added 2023/02/15 3:57 a.m. | 2 views

SUSE CVE-2020-14394

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service...

CVSS 3.2 | AI score 6.5 | EPSS 0.00363
Exploits 1 | References 7

SUSE CVE
added 2023/02/15 3:35 a.m. | 1 views

SUSE CVE-2022-0216

A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU...

CVSS 5.3 | AI score 7 | EPSS 0.00405
Exploits 1 | References 11

UbuntuCve
added 2022/08/17 9:15 p.m. | 33 views

CVE-2020-14394

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service...

CVSS 3.2 | AI score 6.2 | EPSS 0.00363
Exploits 1 | References 2

OSV
added 2022/04/29 5:15 p.m. | 24 views

CVE-2021-4206

A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on th...

CVSS 8.2 | AI score 7.4
Exploits 0 | References 6

Debian CVE
added 2022/04/29 4:19 p.m. | 31 views

CVE-2021-4206

A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on th...

CVSS 8.2 | AI score 7.5 | EPSS 0.00834
Exploits 1

Tenable Nessus
added 2022/01/26 12:0 a.m. | 39 views

SUSE SLED15: qemu / qemu-arm / qemu-audio-alsa / qemu-audio-pa / etc (SUSE-SU-2022:0177-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0177-1 advisory. - CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash (bsc#1181361). Tenable has extracted the...

CVSS 6.5 | AI score 6.8 | EPSS 0.00475
Exploits 1 | References 4

Veracode
added 2021/08/12 3:21 p.m. | 28 views

Denial Of Service

qemu is vulnerable to denial of service. The vulnerability exists due to the handling of the 'Information Transfer' command (CMD_TI) which allows a privileged guest user to crash the QEMU process on the host...

CVSS 6.7 | AI score 3 | EPSS 0.00366
Exploits 0 | References 6 | Affected Software 2

Veracode
added 2021/08/12 3:21 p.m. | 35 views

Denial Of Service (DoS)

qemu:devel is vulnerable to denial of service. A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEM...

CVSS 4.4 | AI score 3 | EPSS 0.00315
Exploits 0 | References 7 | Affected Software 6

Debian CVE
added 2021/06/02 1:30 p.m. | 40 views

CVE-2021-3546

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on t...

CVSS 8.2 | AI score 7 | EPSS 0.00463
Exploits 0

NVD
added 2021/05/13 4:15 p.m. | 44 views

CVE-2021-20221

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0 on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to...

CVSS 6 | EPSS 0.00323
Exploits 0 | References 5