Qemu

Qemu

422 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2017-9330

  • EPSS 0.07%
  • Veröffentlicht 08.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.

5.5

CVE-2017-9060

  • EPSS 0.09%
  • Veröffentlicht 01.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large number of "VIRTIO_GPU_CMD_SET_SCANOUT:" commands.

7.8

CVE-2017-8309

  • EPSS 1.58%
  • Veröffentlicht 23.05.2017 04:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.

6.5

CVE-2017-8379

  • EPSS 0.08%
  • Veröffentlicht 23.05.2017 04:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.

7.8

CVE-2017-7493

  • EPSS 0.06%
  • Veröffentlicht 17.05.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest us...

6.5

CVE-2017-8086

  • EPSS 0.08%
  • Veröffentlicht 02.05.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.

6.5

CVE-2017-8112

  • EPSS 0.06%
  • Veröffentlicht 02.05.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.

7

CVE-2017-8284

  • EPSS 0.11%
  • Veröffentlicht 26.04.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that inj...

5.5

CVE-2017-7718

  • EPSS 0.13%
  • Veröffentlicht 20.04.2017 17:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and...

6.5

CVE-2015-8345

  • EPSS 0.07%
  • Veröffentlicht 13.04.2017 17:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.