Qemu

Qemu

426 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.13%
  • Veröffentlicht 19.06.2026 16:23:57
  • Zuletzt bearbeitet 30.06.2026 03:19:12

A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the `virtio_snd_pcm_in_cb` function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exi...

  • EPSS 0.14%
  • Veröffentlicht 18.02.2026 20:50:03
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An off-by-one error was found in QEMU's KVM Xen guest support. A malicious guest could use this flaw to trigger out-of-bounds heap accesses in the QEMU process via the emulated Xen physdev hypercall interface, leading to a denial of service or potent...

  • EPSS 0.15%
  • Veröffentlicht 18.02.2026 20:49:06
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register UEFI_VARS_REG_BUFFER_SIZE, the .write callback `uefi_vars_write` is invoked. The function allocates a heap buffer without zeroing the memory, leaving the buff...

  • EPSS 0.14%
  • Veröffentlicht 18.02.2026 20:47:54
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in the virtio-crypto device of QEMU. A malicious guest operating system can exploit a missing length limit in the AKCIPHER path, leading to uncontrolled memory allocation. This can result in a denial of service (DoS) on the host syst...

  • EPSS 0.24%
  • Veröffentlicht 25.07.2025 03:15:33
  • Zuletzt bearbeitet 16.12.2025 14:52:30

hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.

  • EPSS 0.24%
  • Veröffentlicht 25.07.2025 03:15:33
  • Zuletzt bearbeitet 16.12.2025 14:40:13

hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.

  • EPSS 0.27%
  • Veröffentlicht 14.11.2024 12:15:18
  • Zuletzt bearbeitet 05.08.2025 18:26:29

A heap buffer overflow was found in the virtio-snd device in QEMU. When reading input audio in the virtio-snd input callback, virtio_snd_pcm_in_cb, the function did not check whether the iov can fit the data buffer. This issue can trigger an out-of-b...

Exploit
  • EPSS 0.55%
  • Veröffentlicht 14.11.2024 12:15:17
  • Zuletzt bearbeitet 12.05.2026 12:16:57

A heap-based buffer overflow was found in the SDHCI device emulation of QEMU. The bug is triggered when both `s->data_count` and the size of `s->fifo_buffer` are set to 0x200, leading to an out-of-bound access. A malicious guest could use this flaw ...

  • EPSS 0.25%
  • Veröffentlicht 21.10.2024 15:15:03
  • Zuletzt bearbeitet 08.08.2025 16:13:16

A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape.

  • EPSS 0.2%
  • Veröffentlicht 20.09.2024 18:15:04
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data ...