20 matches found
OESA-2025-2757 qemu security update
QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious...
SUSE CVE-2020-27616
ati2dblt in hw/display/ati2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process...
SUSE CVE-2021-3608
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMAREGDSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The...
QEMU: intel-hda: segmentation fault due to stack overflow
A stack overflow vulnerability was found in the Intel HD Audio device intel-hda of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability...
QEMU: usb: out-of-bounds r/w access issue while processing usb packets
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash the QEMU process,...
CVE-2018-7803
A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an...
QEMU Denial of Service Vulnerability (CNVD-2018-26705)
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in the LSI53C895A SCSI Host Bus Adapter emulation in QEMU. An attacker could exploit this vulnerabili...
QEMU: cirrus: OOB access when updating VGA display
Quick Emulator aka QEMU, when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds access and QEMU process crash by leveraging incorrect region calculation when updating VGA display...
UBUNTU-CVE-2017-9503
QEMU aka Quick Emulator, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash via vectors involving megasas command processing...
UBUNTU-CVE-2017-7718
hw/display/cirrusvgarop.h in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds read and QEMU process crash via vectors related to copying VGA data via the cirrusbitbltropfwdtransp and cirrusbitbltropfwd functions...
Virglrenderer Denial of Service Vulnerability
Virglrenderer is a library for maintaining API stability in Virgil 3d projects. A denial of service vulnerability exists in Virglrenderer. An attacker can exploit this vulnerability to cause a QEMU instance to crash, resulting in a denial of service...
UBUNTU-CVE-2017-2633
An out-of-bounds memory access issue was found in Quick Emulator QEMU before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the 'vncrefreshserversurface'. A user inside a guest could use this flaw to crash the QEMU process...
QEMU 'sdhci.c' Denial of Service Vulnerability
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in QEMU. An attacker can exploit this vulnerability to cause a QEMU instance to crash, resulting in a...
QEMU '/hw/usb/redirect.c' Denial of Service Vulnerability
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in the /hw/usb/redirect.c file in QEMU. An attacker can exploit this vulnerability to cause Qemu to...
QEMU 'hw/9pfs/9p.c' denial of service vulnerability (CNVD-2016-10619)
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in 'hw/9pfs/9p.c', which can be exploited by an attacker to launch a denial of service attack...
QEMU 'hw/9pfs/9p.c' Denial of Service Vulnerability
QEMU aka Quick Emulator is a set of simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A denial of service vulnerability exists in the QEMU 'hw/9pfs/9p.c' script. An attacker can exploit this vulnerability to cause a denial of...
UBUNTU-CVE-2016-6833
Use-after-free vulnerability in the vmxnet3iobar0write function in hw/net/vmxnet3.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service QEMU instance crash by leveraging failure to check if the device is active...
UBUNTU-CVE-2016-4002
Buffer overflow in the mipsnetreceive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service memory corruption and QEMU crash or possibly execute arbitrary code via a packet larger than 1514 bytes...
DEBIAN-CVE-2004-0453
Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service emulator crash and possibly execute arbitrary code via format string specifiers in an output string...
CVE-2004-0453
Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service emulator crash and possibly execute arbitrary code via format string specifiers in an output string...