Qemu

Qemu

422 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6

CVE-2016-7995

  • EPSS 0.16%
  • Veröffentlicht 10.12.2016 00:59:22
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of crafted buffer page select (PG) indexes.

6

CVE-2016-7994

  • EPSS 0.16%
  • Veröffentlicht 10.12.2016 00:59:21
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CRE...

6

CVE-2016-7466

  • EPSS 0.09%
  • Veröffentlicht 10.12.2016 00:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly...

6

CVE-2016-7422

  • EPSS 0.09%
  • Veröffentlicht 10.12.2016 00:59:18
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.

4.4

CVE-2016-7421

  • EPSS 0.12%
  • Veröffentlicht 10.12.2016 00:59:17
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit process IO loop to the...

4.4

CVE-2016-7170

  • EPSS 0.11%
  • Veröffentlicht 10.12.2016 00:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to cursor.mask[] and cursor.image[...

4.4

CVE-2016-7157

  • EPSS 0.11%
  • Veröffentlicht 10.12.2016 00:59:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via vectors involving MPTSAS_CONFIG_...

4.4

CVE-2016-7156

  • EPSS 0.1%
  • Veröffentlicht 10.12.2016 00:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.

4.4

CVE-2016-7155

  • EPSS 0.11%
  • Veröffentlicht 10.12.2016 00:59:12
  • Zuletzt bearbeitet 12.04.2025 10:46:40

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.

6

CVE-2016-7116

  • EPSS 1.04%
  • Veröffentlicht 10.12.2016 00:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to access host files outside the export path via a .. (dot dot) in an unspecified string.