Qemu

Qemu

425 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2017-9375

  • EPSS 0.1%
  • Veröffentlicht 16.06.2017 22:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

QEMU (aka Quick Emulator), when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service (infinite recursive call) via vectors involving control transfer descriptors sequencing.

5.5

CVE-2017-9503

  • EPSS 0.07%
  • Veröffentlicht 16.06.2017 22:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving megasas co...

5.6

CVE-2017-9310

  • EPSS 0.09%
  • Veröffentlicht 08.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

QEMU (aka Quick Emulator), when built with the e1000e NIC emulation support, allows local guest OS privileged users to cause a denial of service (infinite loop) via vectors related to setting the initial receive / transmit descriptor head (TDH/RDH) o...

5.6

CVE-2017-9330

  • EPSS 0.07%
  • Veröffentlicht 08.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI Emulation support, allows local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value, a different vulnerability than CVE-2017-6505.

5.5

CVE-2017-9060

  • EPSS 0.09%
  • Veröffentlicht 01.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large number of "VIRTIO_GPU_CMD_SET_SCANOUT:" commands.

7.8

CVE-2017-8309

  • EPSS 1.77%
  • Veröffentlicht 23.05.2017 04:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.

6.5

CVE-2017-8379

  • EPSS 0.14%
  • Veröffentlicht 23.05.2017 04:29:02
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events.

7.8

CVE-2017-7493

  • EPSS 0.06%
  • Veröffentlicht 17.05.2017 15:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest us...

6.5

CVE-2017-8086

  • EPSS 0.08%
  • Veröffentlicht 02.05.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable.

6.5

CVE-2017-8112

  • EPSS 0.06%
  • Veröffentlicht 02.05.2017 14:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count.