Redhat

Virtualization

124 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.4

CVE-2016-2857

  • EPSS 0.06%
  • Veröffentlicht 12.04.2016 02:00:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

8.8

CVE-2016-1568

  • EPSS 0.33%
  • Veröffentlicht 12.04.2016 02:00:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ)...

8.6

CVE-2015-1779

  • EPSS 5.08%
  • Veröffentlicht 12.01.2016 19:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

9

CVE-2015-7512

  • EPSS 14.19%
  • Veröffentlicht 08.01.2016 21:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.

6.9

CVE-2015-3214

  • EPSS 1.47%
  • Veröffentlicht 31.08.2015 10:59:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an inva...

9.3

CVE-2015-5165

  • EPSS 10.86%
  • Veröffentlicht 12.08.2015 14:59:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

7.5

CVE-2015-3209

  • EPSS 5.35%
  • Veröffentlicht 15.06.2015 15:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.

10

CVE-2015-0235

Exploit
  • EPSS 85.45%
  • Veröffentlicht 28.01.2015 19:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 fu...

7.5

CVE-2014-7840

  • EPSS 2.46%
  • Veröffentlicht 12.12.2014 15:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

5

CVE-2014-7815

  • EPSS 5.23%
  • Veröffentlicht 14.11.2014 15:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.