CVE-2020-25743

A NULL pointer dereference flaw was found in the IDE disk emulator of QEMU. This issue occurs while canceling an I/O operation via the idecanceldmasync routine if a block drive pointer is null. This flaw allows a guest user to crash the QEMU process on the host, resulting in a denial of service...

CVE-2017-12809

QEMU aka Quick Emulator, when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash by flushing an empty CDROM device drive...

DEBIAN-CVE-2017-12809

QEMU aka Quick Emulator, when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service NULL pointer dereference and QEMU process crash by flushing an empty CDROM device drive...

Updated qemu packages fix security vulnerabilities

Updated qemu packages fix security vulnerabilities: Qemu emulator built with the RTL8139 emulation support is vulnerable to an information leakage flaw. It could occur while processing network packets under RTL8139 controller's C+ mode of operation. A guest user could use this flaw to read...

Updated qemu packages fix security vulnerabilities

Updated qemu packages fix security vulnerabilities: Qemu emulator built with the RTL8139 emulation support is vulnerable to an information leakage flaw. It could occur while processing network packets under RTL8139 controller's C+ mode of operation. A guest user could use this flaw to read...

qemu, xen-tools -- use-after-free in QEMU/Xen block unplug protocol

The Xen Project reports: When unplugging an emulated block device the device was not fully unplugged, meaning a second unplug attempt would attempt to unplug the device a second time using a previously freed pointer. An HVM guest which has access to an emulated IDE disk device may be able to...