Search CVE reports
241 – 250 of 483 results
The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified...
2 affected packages
qemu-kvm, qemu
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu-kvm | — | — | — | — | — |
| qemu | — | — | — | — | — |
Some fixes available 12 of 13
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client...
2 affected packages
qemu-kvm, qemu
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu-kvm | — | — | — | Not in release | Not in release |
| qemu | — | — | — | Fixed | Fixed |
Some fixes available 12 of 13
hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via...
2 affected packages
qemu-kvm, qemu
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu-kvm | — | — | — | Not in release | Not in release |
| qemu | — | — | — | Fixed | Fixed |
Some fixes available 12 of 13
The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an...
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Fixed | Fixed |
| qemu-kvm | — | — | — | Not in release | Not in release |
Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a...
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Some fixes available 3 of 4
The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors related to control transfer...
2 affected packages
qemu-kvm, qemu
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu-kvm | — | — | — | Not in release | Not in release |
| qemu | — | — | — | Not affected | Not affected |
Some fixes available 3 of 4
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-zero error and QEMU process...
2 affected packages
qemu-kvm, qemu
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu-kvm | — | — | — | Not in release | Not in release |
| qemu | — | — | — | Not affected | Not affected |
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and...
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Some fixes available 12 of 13
The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving...
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Fixed | Fixed |
| qemu-kvm | — | — | — | Not in release | Not in release |