Filtered by vendor Qemu
Subscriptions
Filtered by product Qemu
Subscriptions
Total
421 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9105 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2025-04-12 | 6.0 Medium |
| Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object. | ||||
| CVE-2016-9106 | 3 Debian, Opensuse, Qemu | 3 Debian Linux, Leap, Qemu | 2025-04-12 | 6.0 Medium |
| Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector. | ||||
| CVE-2016-9907 | 3 Debian, Qemu, Redhat | 5 Debian Linux, Qemu, Enterprise Linux and 2 more | 2025-04-12 | 6.5 Medium |
| Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirector in 'usbredir_handle_destroy'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host. | ||||
| CVE-2016-9923 | 1 Qemu | 1 Qemu | 2025-04-12 | 5.5 Medium |
| Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS. | ||||
| CVE-2016-3710 | 7 Canonical, Citrix, Debian and 4 more | 17 Ubuntu Linux, Xenserver, Debian Linux and 14 more | 2025-04-12 | 8.8 High |
| The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue. | ||||
| CVE-2010-0741 | 4 Kvm Qumranet, Linux, Qemu and 1 more | 5 Kvm, Linux Kernel, Qemu and 2 more | 2025-04-11 | N/A |
| The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO). | ||||
| CVE-2011-2527 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-04-11 | N/A |
| The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host. | ||||
| CVE-2013-4377 | 1 Qemu | 1 Qemu | 2025-04-11 | N/A |
| Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device. | ||||
| CVE-2011-1751 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-04-11 | N/A |
| The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm does not check if a device is hotpluggable before unplugging the PCI-ISA bridge, which allows privileged guest users to cause a denial of service (guest crash) and possibly execute arbitrary code by sending a crafted value to the 0xae08 (PCI_EJ_BASE) I/O port, which leads to a use-after-free related to "active qemu timers." | ||||
| CVE-2011-1750 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-04-11 | N/A |
| Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned. | ||||
| CVE-2013-2007 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-04-11 | N/A |
| The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files. | ||||
| CVE-2011-0011 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-04-11 | N/A |
| qemu-kvm before 0.11.0 disables VNC authentication when the password is cleared, which allows remote attackers to bypass authentication and establish VNC sessions. | ||||
| CVE-2012-3515 | 7 Canonical, Debian, Opensuse and 4 more | 15 Ubuntu Linux, Debian Linux, Opensuse and 12 more | 2025-04-11 | N/A |
| Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space." | ||||
| CVE-2013-4344 | 4 Canonical, Opensuse, Qemu and 1 more | 8 Ubuntu Linux, Opensuse, Qemu and 5 more | 2025-04-11 | N/A |
| Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. | ||||
| CVE-2012-6075 | 7 Canonical, Debian, Fedoraproject and 4 more | 15 Ubuntu Linux, Debian Linux, Fedora and 12 more | 2025-04-11 | N/A |
| Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet. | ||||
| CVE-2013-4375 | 2 Qemu, Xen | 2 Qemu, Xen | 2025-04-11 | N/A |
| The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors. | ||||
| CVE-2010-0297 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Rhel Virtualization | 2025-04-11 | N/A |
| Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementation in usb-linux.c in QEMU before 0.11.1 allows guest OS users to cause a denial of service (guest OS crash or hang) or possibly execute arbitrary code on the host OS via a crafted USB packet. | ||||
| CVE-2011-2212 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-04-11 | N/A |
| Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier allows privileged guest users to cause a denial of service (guest crash) or gain privileges via a crafted indirect descriptor related to "virtqueue in and out requests." | ||||
| CVE-2012-2652 | 1 Qemu | 1 Qemu | 2025-04-11 | N/A |
| The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file. | ||||
| CVE-2008-2004 | 2 Qemu, Redhat | 2 Qemu, Enterprise Linux | 2025-04-09 | N/A |
| The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted. | ||||