Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU implementation of VMWare’s paravirtual RDMA device. This flaw allows a malicious guest driver to execute hardware commands when shared buffers have not yet been allocated, potentially leading to a use-after-free condition...

Astra Linux - уязвимость в qemu

A flaw was discovered in QEMU. The async nature of hot-unplug allows for a race condition, where the net device backend is cleared before the virtio-net PCI frontend is unplugged. A malicious guest could exploit this time window to trigger an assertion and cause a denial of service...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2026-1644)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Azure Linux 3.0 Security Update: qemu (CVE-2021-3611)

The version of qemu installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3611 advisory. - A stack overflow vulnerability was found in the Intel HD Audio device intel-hda of QEMU. A malicious guest coul...

DEBIAN-CVE-2024-8612

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete / viritocryptoreqcomplete could be larger than the true size of the data which has been sent to guest. Once virtqueuepush finally...

UBUNTU-CVE-2023-6683

A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemuclipboardrequest function can be reached before vncservercuttextcaps was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...

QEMU Security Vulnerabilities

QEMU is a suite of simulation processor software by Fabrice Bellard, an individual developer in France. The software is fast and cross-platform. hyper is a fast, correct HTTP implementation of Rust open-sourced by hyperium. QEMU suffers from a security vulnerability that stems from the possibilit...

SUSE CVE-2013-4532

Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process...

SUSE CVE-2014-0223

Integer overflow in the qcowopen function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service crash and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read...

SUSE CVE-2015-8817

QEMU aka Quick Emulator built to use 'addressspacetranslate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pcidmaread/write calls. Affects QEMU versions = 1.6.0 and = 2.3.1. A privileged user inside guest could use this flaw to cra...

SUSE CVE-2017-13672

QEMU aka Quick Emulator, when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds read and QEMU process crash via vectors involving display update...

SUSE CVE-2017-16845

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access...

SUSE CVE-2020-10702

A flaw was found in QEMU in the implementation of the Pointer Authentication PAuth support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker...

Exploit for Out-of-bounds Write in Qemu

This repository contains PoCs Proof of Concepts for two vulnerabilities: CVE-2020-14364 Qemu and CVE-2020-1472 Zerologon. CVE-2020-14364 Qemu The Qemu PoC is a C code that exploits a vulnerability in the Qemu emulator. The code includes two files: exp1irq.c and exp2configread.c. These files appea...

QEMU 缓冲区错误漏洞

QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the use of memory outside of the working mbuf buffer by the function udp6input when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker...

DEBIAN-CVE-2013-4535

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

QEMU Denial of Service Vulnerability (CNVD-2017-33068)

QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A security vulnerability exists in QEMU 2.10.0 and earlier versions. A remote attacker could exploit the vulnerability to cause a memory leak...

Qemu: display: cirrus: potential arbitrary code execution via cirrus_bitblt_cputovideo

Quick emulator QEMU built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrusbitbltcputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute...

ALPINE-CVE-2016-7994

Memory leak in the virtiogpuresourcecreate2d function in hw/display/virtio-gpu.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via a large number of VIRTIOGPUCMDRESOURCECREATE2D commands...

The vulnerability of the QEMU hardware emulation software, which allows a hacker to trigger a service failure

The vulnerability of the QEMU hardware emulation software is related to the implementation of the VMWARE Paravirtual SCSI PVSCSI mechanism. Exploiting this vulnerability allows a malicious actor to trigger a service failure by manipulating the PVSCSICMDSETUPRINGS or PVSCSICMDSETUPMSGRING command...