Qemu

Qemu

426 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.5%
  • Veröffentlicht 14.06.2016 14:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allow local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information tran...

  • EPSS 0.43%
  • Veröffentlicht 14.06.2016 14:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.

  • EPSS 0.42%
  • Veröffentlicht 14.06.2016 14:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.

  • EPSS 0.7%
  • Veröffentlicht 01.06.2016 22:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

  • EPSS 0.42%
  • Veröffentlicht 01.06.2016 22:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA comma...

  • EPSS 0.42%
  • Veröffentlicht 01.06.2016 22:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.

  • EPSS 0.37%
  • Veröffentlicht 25.05.2016 15:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

  • EPSS 0.44%
  • Veröffentlicht 23.05.2016 19:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CV...

  • EPSS 4.9%
  • Veröffentlicht 23.05.2016 19:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large pac...

  • EPSS 0.48%
  • Veröffentlicht 23.05.2016 19:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.