Qemu

Qemu

426 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 7.39%
  • Veröffentlicht 12.01.2016 19:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.

  • EPSS 7.73%
  • Veröffentlicht 08.01.2016 21:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.

  • EPSS 4.94%
  • Veröffentlicht 09.11.2015 16:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on th...

  • EPSS 3.5%
  • Veröffentlicht 06.11.2015 21:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_...

  • EPSS 0.53%
  • Veröffentlicht 06.11.2015 21:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via ...

  • EPSS 1.05%
  • Veröffentlicht 28.09.2015 16:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

  • EPSS 1.59%
  • Veröffentlicht 31.08.2015 10:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by triggering use of an inva...

  • EPSS 0.37%
  • Veröffentlicht 26.08.2015 19:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.

  • EPSS 0.63%
  • Veröffentlicht 12.08.2015 14:59:23
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

  • EPSS 9.67%
  • Veröffentlicht 15.06.2015 15:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.