CVE-2023-3180
- EPSS 0.23%
- Veröffentlicht 03.08.2023 15:15:29
- Zuletzt bearbeitet 21.11.2024 08:16:38
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a...
CVE-2023-3019
- EPSS 0.31%
- Veröffentlicht 24.07.2023 16:15:12
- Zuletzt bearbeitet 12.05.2026 10:16:39
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.
CVE-2023-1386
- EPSS 0.22%
- Veröffentlicht 24.07.2023 16:15:11
- Zuletzt bearbeitet 21.11.2024 07:39:05
A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this...
CVE-2023-3354
- EPSS 1.61%
- Veröffentlicht 11.07.2023 17:15:13
- Zuletzt bearbeitet 21.11.2024 08:17:05
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection hap...
CVE-2023-0664
- EPSS 0.31%
- Veröffentlicht 29.03.2023 20:15:07
- Zuletzt bearbeitet 18.02.2025 20:15:16
A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.
CVE-2023-1544
- EPSS 0.31%
- Veröffentlicht 23.03.2023 20:15:14
- Zuletzt bearbeitet 03.11.2025 20:15:59
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially ...
- EPSS 0.27%
- Veröffentlicht 06.03.2023 23:15:11
- Zuletzt bearbeitet 21.11.2024 07:36:59
A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free.
CVE-2022-4144
- EPSS 0.28%
- Veröffentlicht 29.11.2022 18:15:10
- Zuletzt bearbeitet 14.04.2025 18:15:24
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into a...
CVE-2022-4172
- EPSS 0.38%
- Veröffentlicht 29.11.2022 18:15:10
- Zuletzt bearbeitet 14.04.2025 18:15:25
An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer alloc...
CVE-2022-3872
- EPSS 0.8%
- Veröffentlicht 07.11.2022 21:15:09
- Zuletzt bearbeitet 05.05.2025 21:15:46
An off-by-one read/write issue was found in the SDHCI device of QEMU. It occurs when reading/writing the Buffer Data Port Register in sdhci_read_dataport and sdhci_write_dataport, respectively, if data_count == block_size. A malicious guest could use...