Computer vulnerabilities of QEMU

QEMU: out-of-bounds memory reading via the support for Message Signalled Interrupt
An attacker can force a read at an invalid address via Message Signalled Interrupt of QEMU, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2020-13754, VIGILANCE-VUL-32384

QEMU: NULL pointer dereference via the MegaRAID SAS 8708EM device driver
An attacker can force a NULL pointer to be dereferenced via MegaRAID SAS 8708EM of QEMU, in order to trigger a denial of service...
CVE-2020-13659, VIGILANCE-VUL-32383

QEMU: denial of service via SD Memory Card
An attacker can trigger a fatal error via SD Memory Card of QEMU, in order to trigger a denial of service...
1880822, CVE-2020-13253, VIGILANCE-VUL-32345

QEMU: denial of service via virtio-fs
An attacker, inside a guest system, can allocate all file descriptors via virtio-fs in QEMU, in order to trigger a denial of service on the host system...
CVE-2020-10717, VIGILANCE-VUL-32175

QEMU: integer overflow via ati_2d_blt
An attacker can trigger an integer overflow via ati_2d_blt() of QEMU, in order to trigger a denial of service, and possibly to run code...
CVE-2020-11869, USN-4372-1, VIGILANCE-VUL-32104

QEMU: buffer overflow via bochs-display.c
An attacker, inside a guest system, can trigger a buffer overflow via bochs-display.c of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
CVE-2019-15034, DSA-4665-1, openSUSE-SU-2020:0468-1, USN-4372-1, VIGILANCE-VUL-31943

QEMU: memory leak via VNC Disconnect
An attacker, inside a guest system, can create a memory leak via VNC Disconnect of QEMU, in order to trigger a denial of service on the host system...
CVE-2019-20382, DSA-4665-1, openSUSE-SU-2020:0468-1, RHSA-2020:2774-01, USN-4372-1, VIGILANCE-VUL-31733

QEMU: out-of-bounds memory reading via snprintf
An attacker can force a read at an invalid address via snprintf() of QEMU, in order to trigger a denial of service, or to obtain sensitive information...
CVE-2020-8608, DLA-2142-1, DLA-2144-1, openSUSE-SU-2020:0468-1, RHSA-2020:0889-01, RHSA-2020:1208-01, RHSA-2020:1209-01, RHSA-2020:1351-01, RHSA-2020:1352-01, RHSA-2020:1379-01, RHSA-2020:1403-01, RHSA-2020:2773-01, RHSA-2020:2774-01, RHSA-2020:2844-01, USN-4283-1, VIGILANCE-VUL-31540

QEMU: memory corruption via iSCSI Block Driver
An attacker, inside a guest system, can trigger a memory corruption via iSCSI Block Driver of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
CVE-2020-1711, DLA-2144-1, DSA-4616-1, openSUSE-SU-2020:0468-1, RHSA-2020:0669-01, RHSA-2020:1150-01, RHSA-2020:1352-01, RHSA-2020:1358-01, RHSA-2020:1505-01, RHSA-2020:2472-01, USN-4283-1, VIGILANCE-VUL-31422

QEMU: directory traversal via SLiRP TFTP Server
An attacker can traverse directories via SLiRP TFTP Server of QEMU, in order to read a file outside the service root path...
CVE-2020-7211, SUSE-SU-2020:0334-1, SUSE-SU-2020:0388-1, SUSE-SU-2020:1138-1, SUSE-SU-2020:1139-1, SUSE-SU-2020:1630-1, VIGILANCE-VUL-31355

Our database contains other pages. You can request a free trial to read them.

Display information about QEMU:

https://wiki.qemu.org/index.php/Main_Page