CVE search results

151 – 160 of 464 results

Detailed view

Sort by:

CVE-2019-5008

Low priority

Fixed

hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	Not affected	Not affected
qemu-kvm	—	—	—	Not in release	Not in release

CVE-2019-8934

Low priority

Ignored

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	Not affected	Ignored	Ignored
qemu-kvm	—	—	Not in release	Not in release	Not in release

CVE-2019-6501

Medium priority

Not affected

In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	Not affected	Not affected
qemu-kvm	—	—	—	Not in release	Not in release

CVE-2019-9824

Low priority

Fixed

tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	Fixed	Fixed	Fixed
qemu-kvm	—	—	Not in release	Not in release	Not in release

QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	Fixed	Fixed	Not affected
qemu-kvm	—	—	Not in release	Not in release	Not in release

CVE-2019-6778

Medium priority

Fixed

In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	Fixed	Fixed	Fixed
qemu-kvm	—	—	Not in release	Not in release	Not in release

CVE-2018-20815

Medium priority

Fixed

In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	Fixed	Fixed	Fixed
qemu-kvm	—	—	Not in release	Not in release	Not in release

CVE-2018-20216

Low priority

Fixed

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	Not affected	Not affected
qemu-kvm	—	—	—	Not in release	Not in release

CVE-2018-20191

Low priority

Fixed

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	Not affected	Not affected
qemu-kvm	—	—	—	Not in release	Not in release

CVE-2018-20126

Low priority

Fixed

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	Not affected	Not affected
qemu-kvm	—	—	—	Not in release	Not in release

Export to JSON

Results by page:

Search CVE reports

CVE-2019-5008

CVE-2019-8934

CVE-2019-6501

CVE-2019-9824

CVE-2019-3812

CVE-2019-6778

CVE-2018-20815

CVE-2018-20216

CVE-2018-20191

CVE-2018-20126