Search CVE reports
61 – 70 of 397 results
Some fixes available 3 of 4
iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | Not affected | Not affected | Fixed | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through...
2 affected packages
qemu-kvm, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu-kvm | — | — | Not in release | Not in release |
| qemu | — | — | Fixed | Not affected |
hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | — | Not affected |
| qemu-kvm | — | — | — | Not in release |
Some fixes available 1 of 2
An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | Fixed | Not affected |
| qemu-kvm | — | — | Not in release | Not in release |
Some fixes available 2 of 5
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This...
4 affected packages
libslirp, qemu, qemu-kvm, slirp4netns
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libslirp | Not affected | Not affected | Fixed | Not in release |
| qemu | Not affected | Not affected | Not affected | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| slirp4netns | Not affected | Not affected | Vulnerable | Not in release |
A potential DoS flaw was found in the virtio-fs shared file system daemon (virtiofsd) implementation of the QEMU version >= v5.0. Virtio-fs is meant to share a host file system directory with a guest via virtio-fs device. If the...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | Not affected | Not affected |
| qemu-kvm | — | — | Not in release | Not in release |
A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | Fixed | Not affected |
| qemu-kvm | — | — | Not in release | Not in release |
tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release |
hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.
2 affected packages
qemu-kvm, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu-kvm | — | — | Not in release | Not in release |
| qemu | — | — | Not affected | Ignored |
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
2 affected packages
qemu-kvm, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu-kvm | — | — | Not in release | Not in release |
| qemu | — | — | Fixed | Fixed |