The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of QEMU

vulnerability CVE-2018-20126

QEMU: memory leak via pvrdma QP/CQ Creation

Synthesis of the vulnerability

Impacted products: QEMU.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 19/12/2018.
Identifiers: CVE-2018-20126, VIGILANCE-VUL-28050.

Description of the vulnerability

An attacker, inside a guest system, can create a memory leak via pvrdma QP/CQ Creation of QEMU, in order to trigger a denial of service on the host system.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2018-20191

QEMU: NULL pointer dereference via pvrdma_main.c-uar_ops.read

Synthesis of the vulnerability

Impacted products: QEMU.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 18/12/2018.
Identifiers: CVE-2018-20191, VIGILANCE-VUL-28043.

Description of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via pvrdma_main.c::uar_ops.read of QEMU, in order to trigger a denial of service on the host system.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2018-20123

QEMU: memory leak via pvrdma_realize

Synthesis of the vulnerability

Impacted products: QEMU.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 13/12/2018.
Identifiers: CVE-2018-20123, VIGILANCE-VUL-28019.

Description of the vulnerability

An attacker, inside a guest system, can create a memory leak via pvrdma_realize() of QEMU, in order to trigger a denial of service on the host system.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2018-19489

QEMU: denial of service via 9pfs Files Renaming

Synthesis of the vulnerability

Impacted products: QEMU.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 26/11/2018.
Identifiers: CVE-2018-19489, VIGILANCE-VUL-27876.

Description of the vulnerability

An attacker, inside a guest system, can generate a fatal error via 9pfs Files Renaming of QEMU, in order to trigger a denial of service on the host system.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability bulletin CVE-2018-19364

QEMU: use after free via v9fs_path_copy

Synthesis of the vulnerability

Impacted products: QEMU, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on server, denial of service on service, denial of service on client.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 20/11/2018.
Identifiers: CVE-2018-19364, USN-3826-1, VIGILANCE-VUL-27833.

Description of the vulnerability

An attacker, inside a guest system, can force the usage of a freed memory area via v9fs_path_copy() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability CVE-2018-18954

QEMU: memory corruption via pnv_lpc_do_eccb

Synthesis of the vulnerability

Impacted products: Fedora, QEMU, Ubuntu, WindRiver Linux.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 07/11/2018.
Identifiers: CVE-2018-18954, FEDORA-2018-87f2ace20d, USN-3826-1, VIGILANCE-VUL-27710.

Description of the vulnerability

An attacker, inside a guest system, can generate a memory corruption via pnv_lpc_do_eccb() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2018-16847

QEMU: memory corruption via nvme_cmb_ops

Synthesis of the vulnerability

Impacted products: openSUSE Leap, QEMU, SUSE Linux Enterprise Desktop, SLES, Ubuntu, WindRiver Linux.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 05/11/2018.
Identifiers: CVE-2018-16847, openSUSE-SU-2018:4004-1, openSUSE-SU-2018:4135-1, SUSE-SU-2018:3927-1, SUSE-SU-2018:4086-1, SUSE-SU-2018:4185-1, USN-3826-1, VIGILANCE-VUL-27669.

Description of the vulnerability

An attacker, inside a guest system, can generate a memory corruption via nvme_cmb_ops() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability alert CVE-2018-18849

QEMU: memory corruption via lsi53c895a-lsi_do_msgin

Synthesis of the vulnerability

Impacted products: Fedora, openSUSE Leap, QEMU, SUSE Linux Enterprise Desktop, SLES, Ubuntu, WindRiver Linux.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 05/11/2018.
Identifiers: CVE-2018-18849, FEDORA-2018-87f2ace20d, openSUSE-SU-2018:4004-1, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4147-1, SUSE-SU-2018:3912-1, SUSE-SU-2018:3927-1, SUSE-SU-2018:3973-1, SUSE-SU-2018:3975-1, SUSE-SU-2018:3987-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4129-1, SUSE-SU-2018:4185-1, SUSE-SU-2018:4237-1, SUSE-SU-2019:0003-1, SUSE-SU-2019:0020-1, SUSE-SU-2019:13921-1, USN-3826-1, VIGILANCE-VUL-27666.

Description of the vulnerability

An attacker, inside a guest system, can generate a memory corruption via lsi53c895a::lsi_do_msgin() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Complete Vigil@nce bulletin.... (Free trial)

vulnerability note CVE-2018-12617

QEMU: denial of service via qmp_guest_file_read

Synthesis of the vulnerability

Impacted products: openSUSE Leap, QEMU, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: document.
Confidence: confirmed by the editor (5/5).
Creation date: 17/10/2018.
Identifiers: CVE-2018-12617, openSUSE-SU-2018:3709-1, SUSE-SU-2018:3555-1, USN-3826-1, VIGILANCE-VUL-27554.

Description of the vulnerability

An attacker can generate a fatal error via qmp_guest_file_read() of QEMU, in order to trigger a denial of service.
Complete Vigil@nce bulletin.... (Free trial)

computer vulnerability note CVE-2018-18438

QEMU: integer overflow via ccid_card_vscard_read

Synthesis of the vulnerability

Impacted products: QEMU, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: user access/rights, denial of service on server, denial of service on service, denial of service on client.
Provenance: user shell.
Confidence: confirmed by the editor (5/5).
Creation date: 17/10/2018.
Identifiers: CVE-2018-18438, SUSE-SU-2018:3975-1, SUSE-SU-2018:3987-1, SUSE-SU-2019:13921-1, VIGILANCE-VUL-27539.

Description of the vulnerability

An attacker, inside a guest system, can generate an integer overflow via ccid_card_vscard_read() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Complete Vigil@nce bulletin.... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about QEMU: