4 matches found
Buffer overflow
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space...
CVE-2019-15034
hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space...
Command injection
DISPUTED The QMP guestexec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue...
CVE-2019-12155
interfacereleaseresource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference...