Qemu

Qemu

422 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6

CVE-2016-4952

  • EPSS 0.11%
  • Published 02.09.2016 14:59:01
  • Last modified 12.04.2025 10:46:40

QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (...

5.5

CVE-2016-5403

  • EPSS 0.07%
  • Published 02.08.2016 16:59:03
  • Last modified 12.04.2025 10:46:40

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

6

CVE-2016-2841

  • EPSS 0.06%
  • Published 16.06.2016 18:59:07
  • Last modified 12.04.2025 10:46:40

The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTO...

7.1

CVE-2016-2538

  • EPSS 0.09%
  • Published 16.06.2016 18:59:06
  • Last modified 12.04.2025 10:46:40

Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS ...

6.5

CVE-2016-2392

  • EPSS 0.09%
  • Published 16.06.2016 18:59:04
  • Last modified 12.04.2025 10:46:40

The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer de...

5

CVE-2016-2391

  • EPSS 0.05%
  • Published 16.06.2016 18:59:03
  • Last modified 12.04.2025 10:46:40

The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.

7.8

CVE-2016-5338

  • EPSS 0.08%
  • Published 14.06.2016 14:59:02
  • Last modified 12.04.2025 10:46:40

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information tran...

5.5

CVE-2016-5337

  • EPSS 0.05%
  • Published 14.06.2016 14:59:01
  • Last modified 12.04.2025 10:46:40

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.

4.4

CVE-2016-5238

  • EPSS 0.06%
  • Published 14.06.2016 14:59:00
  • Last modified 12.04.2025 10:46:40

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.

7.8

CVE-2016-5126

  • EPSS 0.2%
  • Published 01.06.2016 22:59:08
  • Last modified 12.04.2025 10:46:40

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.