333 matches found
SUSE CVE-2007-1322
QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction...
SUSE CVE-2007-5730
Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to execute arbitrary code via crafted data in the "net socket listen" option, aka QEMU "net socket" heap overflow. NOTE: some sources have used CVE-2007-1321 to refer to this issue as part of...
SUSE CVE-2015-8818
The cpuphysicalmemorywriterominternal function in exec.c in QEMU aka Quick Emulator does not properly skip MMIO regions, which allows local privileged guest users to cause a denial of service guest crash via unspecified vectors...
SUSE CVE-2016-1981
QEMU aka Quick Emulator built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head TDH/RDH is set outside the allocated descriptor buffer. A...
SUSE CVE-2016-6834
The nettxpktdoswfragmentation function in hw/net/nettxpkt.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via a zero length for the current fragment length...
SUSE CVE-2016-7157
The 1 mptsasconfigmanufacturing1 and 2 mptsasconfigioc0 functions in hw/scsi/mptconfig.c in QEMU aka Quick Emulator allow local guest OS administrators to cause a denial of service QEMU process crash via vectors involving MPTSASCONFIGPACK...
SUSE CVE-2016-7423
The mptsasprocessscsiiorequest function in QEMU aka Quick Emulator, when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service out-of-bounds write and QEMU process crash via vectors involving MPTSASRequest objects...
SUSE CVE-2016-7466
Memory leak in the usbxhciexit function in hw/usb/hcd-xhci.c in QEMU aka Quick Emulator, when the xhci uses msix, allows local guest OS administrators to cause a denial of service memory consumption and possibly QEMU process crash by repeatedly unplugging a USB device...
SUSE CVE-2016-7908
The mcffecdotx function in hw/net/mcffec.c in QEMU aka Quick Emulator does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash via vectors involving a buffer descript...
SUSE CVE-2016-8910
The rtl8139cplustransmit function in hw/net/rtl8139.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and CPU consumption by leveraging failure to limit the ring descriptor count...
SUSE CVE-2016-9101
Memory leak in hw/net/eepro100.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption and QEMU process crash by repeatedly unplugging an i8255x PRO100 NIC device...
SUSE CVE-2016-9106
Memory leak in the v9fswrite function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption by leveraging failure to free an IO vector...
SUSE CVE-2016-9846
QEMU aka Quick Emulator built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in updatecursordatavirgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host...
SUSE CVE-2016-9915
Memory leak in hw/9pfs/9p-handle.c in QEMU aka Quick Emulator allows local privileged guest OS users to cause a denial of service host memory consumption and possibly QEMU process crash by leveraging a missing cleanup operation in the handle backend...
SUSE CVE-2016-9913
Memory leak in the v9fsdeviceunrealizecommon function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local privileged guest OS users to cause a denial of service host memory consumption and possibly QEMU process crash via vectors involving the order of resource cleanup...
SUSE CVE-2016-10155
Memory leak in hw/watchdog/wdti6300esb.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption and QEMU process crash via a large number of device unplug operations...
SUSE CVE-2017-2633
An out-of-bounds memory access issue was found in Quick Emulator QEMU before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vncrefreshserversurface'. A user inside a guest could use this flaw to crash the QEMU process...
SUSE CVE-2017-5667
The sdhcisdmatransfermultiblocks function in hw/sd/sdhci.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds heap access and crash or execute arbitrary code on the QEMU host via vectors involving the data transfer length...
SUSE CVE-2017-5898
Integer overflow in the emulatedapdufromguest function in usb/dev-smartcard-reader.c in Quick Emulator Qemu, when built with the CCID Card device emulator support, allows local users to cause a denial of service application crash via a large Application Protocol Data Units APDU unit...
SUSE CVE-2017-5957
Stack-based buffer overflow in the vrenddecodesetframebufferstate function in vrenddecode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator QEMU, allows a local guest users to cause a denial of service application crash via the "nrcbufs" argument...