Redhat

Virtualization

124 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.4

CVE-2016-6888

  • EPSS 0.1%
  • Veröffentlicht 10.12.2016 00:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an uncheck...

6

CVE-2016-6835

  • EPSS 0.11%
  • Veröffentlicht 10.12.2016 00:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.

6

CVE-2016-8910

  • EPSS 0.1%
  • Veröffentlicht 04.11.2016 21:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.

6

CVE-2016-8909

  • EPSS 0.04%
  • Veröffentlicht 04.11.2016 21:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer posi...

6

CVE-2016-8669

  • EPSS 0.07%
  • Veröffentlicht 04.11.2016 21:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater th...

6

CVE-2016-8576

  • EPSS 0.11%
  • Veröffentlicht 04.11.2016 21:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request...

5.5

CVE-2016-5403

  • EPSS 0.07%
  • Veröffentlicht 02.08.2016 16:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

7.8

CVE-2016-5126

  • EPSS 0.2%
  • Veröffentlicht 01.06.2016 22:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

6.5

CVE-2016-4020

  • EPSS 0.06%
  • Veröffentlicht 25.05.2016 15:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

8.8

CVE-2016-3710

  • EPSS 0.09%
  • Veröffentlicht 11.05.2016 21:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Port...