Qemu

Qemu

425 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2016-5337

  • EPSS 0.05%
  • Veröffentlicht 14.06.2016 14:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.

4.4

CVE-2016-5238

  • EPSS 0.06%
  • Veröffentlicht 14.06.2016 14:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.

7.8

CVE-2016-5126

  • EPSS 0.26%
  • Veröffentlicht 01.06.2016 22:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

6

CVE-2016-4454

  • EPSS 0.06%
  • Veröffentlicht 01.06.2016 22:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA comma...

4.9

CVE-2016-4453

  • EPSS 0.07%
  • Veröffentlicht 01.06.2016 22:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.

6.5

CVE-2016-4020

  • EPSS 0.09%
  • Veröffentlicht 25.05.2016 15:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

6

CVE-2016-4037

  • EPSS 0.09%
  • Veröffentlicht 23.05.2016 19:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CV...

8.6

CVE-2016-4001

  • EPSS 9.37%
  • Veröffentlicht 23.05.2016 19:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large pac...

5.5

CVE-2015-8558

  • EPSS 0.05%
  • Veröffentlicht 23.05.2016 19:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.

6

CVE-2016-4441

  • EPSS 0.1%
  • Veröffentlicht 20.05.2016 14:59:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via...