Qemu

Qemu

422 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2016-4002

  • EPSS 9.18%
  • Published 26.04.2016 14:59:04
  • Last modified 12.04.2025 10:46:40

Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitra...

8.4

CVE-2016-2857

  • EPSS 0.06%
  • Published 12.04.2016 02:00:07
  • Last modified 12.04.2025 10:46:40

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

8.8

CVE-2016-1568

  • EPSS 0.33%
  • Published 12.04.2016 02:00:05
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ)...

5.5

CVE-2015-5158

  • EPSS 0.08%
  • Published 12.04.2016 01:59:20
  • Last modified 12.04.2025 10:46:40

Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descr...

6.5

CVE-2016-2858

  • EPSS 0.12%
  • Published 07.04.2016 19:59:03
  • Last modified 12.04.2025 10:46:40

QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.

8.1

CVE-2016-1714

  • EPSS 0.12%
  • Published 07.04.2016 19:59:02
  • Last modified 12.04.2025 10:46:40

The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-o...

8.6

CVE-2015-1779

  • EPSS 5.08%
  • Published 12.01.2016 19:59:00
  • Last modified 12.04.2025 10:46:40

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

9

CVE-2015-7512

  • EPSS 14.19%
  • Published 08.01.2016 21:59:02
  • Last modified 12.04.2025 10:46:40

Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.

5

CVE-2015-7295

  • EPSS 3.58%
  • Published 09.11.2015 16:59:07
  • Last modified 12.04.2025 10:46:40

hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on th...

7.5

CVE-2015-6855

  • EPSS 5.77%
  • Published 06.11.2015 21:59:07
  • Last modified 12.04.2025 10:46:40

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_...