Qemu

Qemu

426 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.4%
  • Veröffentlicht 04.06.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:01:51

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

  • EPSS 0.49%
  • Veröffentlicht 04.06.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:01:53

ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.

  • EPSS 0.42%
  • Veröffentlicht 02.06.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 05:01:47

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.

  • EPSS 0.43%
  • Veröffentlicht 02.06.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 05:01:42

address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.

  • EPSS 0.38%
  • Veröffentlicht 28.05.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 05:01:07

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

  • EPSS 0.37%
  • Veröffentlicht 28.05.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:01:06

In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.

  • EPSS 0.43%
  • Veröffentlicht 27.05.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:00:53

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

  • EPSS 0.4%
  • Veröffentlicht 04.05.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:55

A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0. Virtio-fs is meant to share a host file system directory with a guest via virtio-fs device. If the guest opens the maxim...

  • EPSS 0.4%
  • Veröffentlicht 27.04.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:47

An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A mal...

  • EPSS 1.92%
  • Veröffentlicht 06.04.2020 16:15:13
  • Zuletzt bearbeitet 21.11.2024 04:56:47

hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.