5 matches found
SUSE CVE-2013-4535
The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...
Qemu: virtio: null pointer dereference in virtqueu_map_desc
The virtqueuemapdesc function in hw/virtio/virtio.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash via a large I/O descriptor buffer length value...
Qemu: virtio: null pointer dereference in virtqueu_map_desc
The virtqueuemapdesc function in hw/virtio/virtio.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash via a large I/O descriptor buffer length value...
DEBIAN-CVE-2016-7422
The virtqueuemapdesc function in hw/virtio/virtio.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service NULL pointer dereference and QEMU process crash via a large I/O descriptor buffer length value...
qemu: virtio: insufficient validation of num_sg when mapping
The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...