The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of QEMU

computer vulnerability bulletin CVE-2019-9824

QEMU: information disclosure via SLiRP tcp_emu

Synthesis of the vulnerability

A local attacker, inside a guest system, can read a memory fragment via SLiRP tcp_emu() of QEMU, in order to obtain sensitive information on the host system.
Impacted products: openSUSE Leap, QEMU, SUSE Linux Enterprise Desktop, SLES.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 18/03/2019.
Identifiers: CVE-2019-9824, openSUSE-SU-2019:1226-1, SUSE-SU-2019:0825-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:0891-1, SUSE-SU-2019:0921-1, SUSE-SU-2019:14001-1, SUSE-SU-2019:14011-1, VIGILANCE-VUL-28758.

Description of the vulnerability

A local attacker, inside a guest system, can read a memory fragment via SLiRP tcp_emu() of QEMU, in order to obtain sensitive information on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2019-8934

QEMU: information disclosure via PPC64 sPAPR host-serial/model

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass access restrictions to data via PPC64 sPAPR host-serial/model of QEMU, in order to obtain sensitive information on the host system.
Impacted products: QEMU.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 21/02/2019.
Identifiers: CVE-2019-8934, VIGILANCE-VUL-28572.

Description of the vulnerability

An attacker, inside a guest system, can bypass access restrictions to data via PPC64 sPAPR host-serial/model of QEMU, in order to obtain sensitive information on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-3812

QEMU: out-of-bounds memory reading via i2c_ddc_rx

Synthesis of the vulnerability

An attacker can force a read at an invalid address via i2c_ddc_rx() of QEMU, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Fedora, QEMU, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 18/02/2019.
Identifiers: CVE-2019-3812, FEDORA-2019-88a98ce795, USN-3923-1, VIGILANCE-VUL-28530.

Description of the vulnerability

An attacker can force a read at an invalid address via i2c_ddc_rx() of QEMU, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-6778

QEMU: buffer overflow via tcp_emu

Synthesis of the vulnerability

An attacker, inside a guest system, can trigger a buffer overflow via tcp_emu() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Impacted products: Debian, Fedora, openSUSE Leap, QEMU, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 25/01/2019.
Identifiers: CVE-2019-6778, DLA-1694-1, FEDORA-2019-88a98ce795, openSUSE-SU-2019:0254-1, openSUSE-SU-2019:1074-1, openSUSE-SU-2019:1226-1, SUSE-SU-2019:0423-1, SUSE-SU-2019:0435-1, SUSE-SU-2019:0457-1, SUSE-SU-2019:0471-1, SUSE-SU-2019:0489-1, SUSE-SU-2019:0582-1, SUSE-SU-2019:0825-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:0891-1, SUSE-SU-2019:0921-1, SUSE-SU-2019:13962-1, SUSE-SU-2019:14001-1, SUSE-SU-2019:14011-1, USN-3923-1, VIGILANCE-VUL-28367.

Description of the vulnerability

An attacker, inside a guest system, can trigger a buffer overflow via tcp_emu() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2019-6501

QEMU: memory corruption via scsi_handle_inquiry_reply

Synthesis of the vulnerability

An attacker, inside a guest system, can trigger a memory corruption via scsi_handle_inquiry_reply() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Impacted products: QEMU.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server.
Provenance: user shell.
Creation date: 24/01/2019.
Identifiers: CVE-2019-6501, VIGILANCE-VUL-28342.

Description of the vulnerability

An attacker, inside a guest system, can trigger a memory corruption via scsi_handle_inquiry_reply() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2018-20216

QEMU: infinite loop via pvrdma_qp_send

Synthesis of the vulnerability

An attacker, inside a guest system, can generate an infinite loop via pvrdma_qp_send() of QEMU, in order to trigger a denial of service on the host system.
Impacted products: QEMU, Ubuntu.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 19/12/2018.
Identifiers: CVE-2018-20216, USN-3923-1, VIGILANCE-VUL-28051.

Description of the vulnerability

An attacker, inside a guest system, can generate an infinite loop via pvrdma_qp_send() of QEMU, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2018-20126

QEMU: memory leak via pvrdma QP/CQ Creation

Synthesis of the vulnerability

An attacker, inside a guest system, can create a memory leak via pvrdma QP/CQ Creation of QEMU, in order to trigger a denial of service on the host system.
Impacted products: QEMU, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 19/12/2018.
Identifiers: CVE-2018-20126, USN-3923-1, VIGILANCE-VUL-28050.

Description of the vulnerability

An attacker, inside a guest system, can create a memory leak via pvrdma QP/CQ Creation of QEMU, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2018-20125

QEMU: NULL pointer dereference via pvrdma QP/CQ Creation

Synthesis of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via pvrdma QP/CQ Creation of QEMU, in order to trigger a denial of service on the host system.
Impacted products: QEMU, Ubuntu.
Severity: 2/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 19/12/2018.
Identifiers: CVE-2018-20125, USN-3923-1, VIGILANCE-VUL-28049.

Description of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via pvrdma QP/CQ Creation of QEMU, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2018-20124

QEMU: out-of-bounds memory reading via rdma_backend_post

Synthesis of the vulnerability

An attacker, inside a guest system, can force a read at an invalid address via rdma_backend_post of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system.
Impacted products: QEMU, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 18/12/2018.
Identifiers: CVE-2018-20124, USN-3923-1, VIGILANCE-VUL-28044.

Description of the vulnerability

An attacker, inside a guest system, can force a read at an invalid address via rdma_backend_post of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-20191

QEMU: NULL pointer dereference via pvrdma_main.c-uar_ops.read

Synthesis of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via pvrdma_main.c::uar_ops.read of QEMU, in order to trigger a denial of service on the host system.
Impacted products: Fedora, QEMU, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 18/12/2018.
Identifiers: CVE-2018-20191, FEDORA-2019-88a98ce795, USN-3923-1, VIGILANCE-VUL-28043.

Description of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via pvrdma_main.c::uar_ops.read of QEMU, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about QEMU: