Qemu

Qemu

425 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2019-20382

  • EPSS 0.04%
  • Veröffentlicht 05.03.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:38:20

QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.

6

CVE-2020-1711

  • EPSS 0.57%
  • Veröffentlicht 11.02.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:11:13

An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_s...

8.8

CVE-2013-4535

  • EPSS 0.38%
  • Veröffentlicht 11.02.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 01:55:46

The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.

3.5

CVE-2015-6815

  • EPSS 1.57%
  • Veröffentlicht 31.01.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 02:35:42

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecifie...

6.5

CVE-2015-5745

Exploit
  • EPSS 1.92%
  • Veröffentlicht 23.01.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 02:33:45

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.

6.5

CVE-2015-5239

  • EPSS 5.06%
  • Veröffentlicht 23.01.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 02:32:37

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

6.5

CVE-2015-5278

  • EPSS 1.85%
  • Veröffentlicht 23.01.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 02:32:42

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

7.5

CVE-2020-7211

  • EPSS 0.31%
  • Veröffentlicht 21.01.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:50

tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.

6.8

CVE-2020-7039

  • EPSS 0.83%
  • Veröffentlicht 16.01.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 05:36:32

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute ...

7.8

CVE-2013-4532

  • EPSS 0.17%
  • Veröffentlicht 02.01.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 01:55:45

Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.