Search CVE reports
91 – 100 of 396 results
CVE-2019-6778
Medium priorityIn QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-20815
Medium priorityIn QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-20216
Low priorityQEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Not affected | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2018-20191
Low priorityhw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Not affected | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2018-20126
Low priorityhw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Not affected | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2018-20125
Low priorityhw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Not affected | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2018-20124
Medium priorityhw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Not affected | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2018-20123
Low prioritypvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Not affected | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2018-19489
Low priorityv9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Not affected | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-16872
Low priorityA flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Fixed | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |