Qemu

Qemu

422 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6

CVE-2016-4454

  • EPSS 0.06%
  • Published 01.06.2016 22:59:04
  • Last modified 12.04.2025 10:46:40

The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA comma...

4.9

CVE-2016-4453

  • EPSS 0.06%
  • Published 01.06.2016 22:59:03
  • Last modified 12.04.2025 10:46:40

The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.

6.5

CVE-2016-4020

  • EPSS 0.06%
  • Published 25.05.2016 15:59:04
  • Last modified 12.04.2025 10:46:40

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

6

CVE-2016-4037

  • EPSS 0.09%
  • Published 23.05.2016 19:59:06
  • Last modified 12.04.2025 10:46:40

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CV...

8.6

CVE-2016-4001

  • EPSS 9.37%
  • Published 23.05.2016 19:59:05
  • Last modified 12.04.2025 10:46:40

Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large pac...

5.5

CVE-2015-8558

  • EPSS 0.05%
  • Published 23.05.2016 19:59:00
  • Last modified 12.04.2025 10:46:40

The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.

6

CVE-2016-4441

  • EPSS 0.1%
  • Published 20.05.2016 14:59:08
  • Last modified 12.04.2025 10:46:40

The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via...

6.7

CVE-2016-4439

  • EPSS 0.31%
  • Published 20.05.2016 14:59:07
  • Last modified 12.04.2025 10:46:40

The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU p...

5.5

CVE-2016-3712

  • EPSS 0.12%
  • Published 11.05.2016 21:59:02
  • Last modified 12.04.2025 10:46:40

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

8.8

CVE-2016-3710

  • EPSS 0.09%
  • Published 11.05.2016 21:59:01
  • Last modified 12.04.2025 10:46:40

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Port...