Computer vulnerabilities of QEMU

QEMU: privilege escalation via Virtiofsd Xattrmap Option
An attacker, inside a guest system, can bypass restrictions via Virtiofsd Xattrmap Option of QEMU, in order to escalate his privileges on the host system...
CVE-2021-20263, VIGILANCE-VUL-34767

QEMU: denial of service via NIC Loopback Mode
An attacker, inside a guest system, can trigger a fatal error via NIC Loopback Mode of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-3416, DLA-2623-1, SUSE-SU-2021:1240-1, SUSE-SU-2021:1241-1, SUSE-SU-2021:1242-1, SUSE-SU-2021:1243-1, SUSE-SU-2021:1244-1, SUSE-SU-2021:1245-1, VIGILANCE-VUL-34703

QEMU: overload via e1000
An attacker, inside a guest system, can trigger an overload via e1000 of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-20257, DLA-2623-1, SUSE-SU-2021:1023-1, SUSE-SU-2021:1240-1, SUSE-SU-2021:1241-1, SUSE-SU-2021:1242-1, SUSE-SU-2021:1243-1, SUSE-SU-2021:1244-1, SUSE-SU-2021:1245-1, VIGILANCE-VUL-34685

QEMU: denial of service via eepro100
An attacker, inside a guest system, can trigger a fatal error via eepro100 of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-20255, DLA-2623-1, VIGILANCE-VUL-34684

QEMU: denial of service via VirtFS Directory Sharing
An attacker, inside a guest system, can trigger a fatal error via VirtFS Directory Sharing of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-20181, DLA-2560-1, openSUSE-SU-2021:0363-1, SUSE-SU-2021:0521-1, SUSE-SU-2021:1240-1, SUSE-SU-2021:1241-1, SUSE-SU-2021:1242-1, SUSE-SU-2021:1244-1, SUSE-SU-2021:1245-1, USN-4725-1, VIGILANCE-VUL-34509, ZDI-21-159

QEMU: use after free via mptsas_free_request
An attacker, inside a guest system, can force the usage of a freed memory area via mptsas_free_request() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
CVE-2021-3392, DLA-2623-1, VIGILANCE-VUL-34493

QEMU: out-of-bounds memory reading via ARM Generic Interrupt Controller
An attacker, inside a guest system, can force a read at an invalid address via ARM Generic Interrupt Controller of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system...
CVE-2021-20221, DLA-2560-1, openSUSE-SU-2021:0363-1, SUSE-SU-2021:0521-1, SUSE-SU-2021:1241-1, SUSE-SU-2021:1242-1, SUSE-SU-2021:1244-1, SUSE-SU-2021:1245-1, VIGILANCE-VUL-34492

QEMU: NULL pointer dereference via Floopy Disk Emulator
An attacker, inside a guest system, can force a NULL pointer to be dereferenced via Floopy Disk Emulator of QEMU, in order to trigger a denial of service on the host system...
CVE-2021-20196, VIGILANCE-VUL-34427

QEMU: read-write access via virtiofsd
An attacker, inside a guest system, can bypass access restrictions via virtiofsd of QEMU, in order to read or alter data on the host system...
CVE-2020-35517, RHSA-2021:0711-01, RHSA-2021:0743-01, VIGILANCE-VUL-34401

QEMU: out-of-bounds memory reading via ide_atapi_cmd_reply_end
An attacker, inside a guest system, can force a read at an invalid address via ide_atapi_cmd_reply_end() of QEMU, in order to trigger a denial of service, or to obtain sensitive information on the host system...
CVE-2020-29443, DLA-2560-1, SUSE-SU-2021:1240-1, SUSE-SU-2021:1241-1, SUSE-SU-2021:1242-1, SUSE-SU-2021:1243-1, SUSE-SU-2021:1244-1, SUSE-SU-2021:1245-1, USN-4725-1, VIGILANCE-VUL-34361

Our database contains other pages. You can request a free trial to read them.

Display information about QEMU:

https://wiki.qemu.org/index.php/Main_Page