Search CVE reports
71 – 80 of 396 results
CVE-2020-7039
Medium prioritySome fixes available 7 of 10
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS...
4 affected packages
libslirp, qemu, qemu-kvm, slirp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libslirp | Not affected | Not affected | Not affected | Not in release | Not in release |
qemu | Not affected | Not affected | Not affected | Fixed | Fixed |
qemu-kvm | Not in release | Not in release | Not in release | Not in release | Not in release |
slirp | Not affected | Not affected | Not affected | Fixed | Fixed |
CVE-2019-20175
Negligible priority** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that...
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | Not affected | Not affected |
qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2013-2016
Low priorityA flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged...
6 affected packages
kvm, qemu, qemu-kvm, xen-3.1, xen-3.2, xen-3.3
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
kvm | — | — | — | — | — |
qemu | — | — | — | — | — |
qemu-kvm | — | — | — | — | — |
xen-3.1 | — | — | — | — | — |
xen-3.2 | — | — | — | — | — |
xen-3.3 | — | — | — | — | — |
CVE-2019-12068
Low priorityIn QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg-8~deb10u1, 1:3.1+dfsg-8+deb10u2, and 1:2.1+dfsg-12+deb8u12 (fixed), when executing script in lsi_execute_script(), the LSI scsi adapter emulator advances...
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | Fixed | Fixed | Fixed |
qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2019-15890
Low prioritySome fixes available 15 of 139
libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reass in ip_input.c.
20 affected packages
android, basilisk2, bochs, fs-uae, libslirp...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
basilisk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libslirp | Not affected | Not affected | Not affected | Not in release | Not in release |
ns3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
qemu | Fixed | Fixed | Fixed | Fixed | Fixed |
qemu-kvm | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-kvm-spice | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-linaro | Not in release | Not in release | Not in release | Not in release | Not in release |
redboot-imx | Not in release | Not in release | Not in release | Needs evaluation | Needs evaluation |
slirp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
slirp4netns | Not affected | Not affected | Not affected | Not in release | Not in release |
vde2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox-hwe | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
virtualbox-lts-vivid | Not in release | Not in release | Not in release | Not in release | Not in release |
virtualbox-lts-wily | Not in release | Not in release | Not in release | Not in release | Not in release |
virtualbox-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
xen | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2019-14378
Low prioritySome fixes available 15 of 93
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
13 affected packages
android, basilisk2, bochs, fs-uae, libslirp...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
android | Not in release | Not in release | Not in release | Not in release | Needs evaluation |
basilisk2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
bochs | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
fs-uae | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libslirp | Not affected | Not affected | Not affected | Not in release | Not in release |
qemu | Fixed | Fixed | Fixed | Fixed | Fixed |
qemu-kvm | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-kvm-spice | Not in release | Not in release | Not in release | Not in release | Not in release |
qemu-linaro | Not in release | Not in release | Not in release | Not in release | Not in release |
slirp | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
slirp4netns | Not affected | Not affected | Not affected | Not in release | Not in release |
vde2 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
xen | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2019-13164
Low prioritySome fixes available 5 of 6
qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a network interface name (obtained from bridge.conf or a --br=bridge option) is limited to the IFNAMSIZ size, which can lead to an ACL bypass.
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | Fixed | Fixed |
qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2019-12929
Low priority** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP...
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | Ignored | Ignored |
qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2019-12928
Low priority** DISPUTED ** The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a...
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | Ignored | Ignored |
qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2019-12155
Low prioritySome fixes available 8 of 9
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | Fixed | Fixed | Fixed |
qemu-kvm | — | — | Not in release | Not in release | Not in release |