The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of QEMU

computer vulnerability bulletin CVE-2019-13164

QEMU: information disclosure via qemu-bridge-helper ACL Bypass

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via qemu-bridge-helper ACL Bypass of QEMU, in order to obtain sensitive information.
Impacted products: Debian, openSUSE Leap, QEMU, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 03/07/2019.
Identifiers: CVE-2019-13164, DLA-1927-1, DSA-4506-1, DSA-4512-1, openSUSE-SU-2019:2041-1, openSUSE-SU-2019:2059-1, SUSE-SU-2019:14151-1, SUSE-SU-2019:2157-1, SUSE-SU-2019:2192-1, SUSE-SU-2019:2221-1, SUSE-SU-2019:2246-1, SUSE-SU-2019:2353-1, VIGILANCE-VUL-29678.

Description of the vulnerability

An attacker can bypass access restrictions to data via qemu-bridge-helper ACL Bypass of QEMU, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-12929

QEMU: code execution via QMP guest-exec

Synthesis of the vulnerability

An attacker can use a vulnerability via QMP guest-exec of QEMU, in order to run code.
Impacted products: QEMU.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: user account.
Creation date: 25/06/2019.
Identifiers: CVE-2019-12929, VIGILANCE-VUL-29617.

Description of the vulnerability

An attacker can use a vulnerability via QMP guest-exec of QEMU, in order to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2019-12928

QEMU: code execution via QMP Migrate

Synthesis of the vulnerability

An attacker can use a vulnerability via QMP Migrate of QEMU, in order to run code.
Impacted products: QEMU.
Severity: 2/4.
Consequences: privileged access/rights, user access/rights.
Provenance: document.
Creation date: 25/06/2019.
Identifiers: CVE-2019-12928, VIGILANCE-VUL-29616.

Description of the vulnerability

An attacker can use a vulnerability via QMP Migrate of QEMU, in order to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2019-12247

qemu-guest-agent: integer overflow in the guest-exec command

Synthesis of the vulnerability

An attacker, inside a guest system, can trigger an integer overflow via guest-exec of qemu-guest-agent, in order to trigger a denial of service, and possibly to run code on the host system.
Impacted products: QEMU.
Severity: 1/4.
Consequences: privileged access/rights, denial of service on service.
Provenance: user shell.
Creation date: 22/05/2019.
Identifiers: CVE-2019-12247, VIGILANCE-VUL-29385.

Description of the vulnerability

An attacker, inside a guest system, can trigger an integer overflow via guest-exec of qemu-guest-agent, in order to trigger a denial of service, and possibly to run code on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2019-12155

QEMU: NULL pointer dereference in the QXL device driver

Synthesis of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via QXL of QEMU, in order to trigger a denial of service on the host system.
Impacted products: Debian, openSUSE Leap, QEMU, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 22/05/2019.
Identifiers: CVE-2019-12155, DLA-1927-1, DSA-4454-1, DSA-4454-2, openSUSE-SU-2019:2041-1, openSUSE-SU-2019:2059-1, RHSA-2019:2607-01, RHSA-2019:2892-01, SUSE-SU-2019:14151-1, SUSE-SU-2019:2157-1, SUSE-SU-2019:2192-1, SUSE-SU-2019:2221-1, SUSE-SU-2019:2246-1, SUSE-SU-2019:2353-1, VIGILANCE-VUL-29384.

Description of the vulnerability

An attacker, inside a guest system, can force a NULL pointer to be dereferenced via QXL of QEMU, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2019-5008

QEMU: NULL pointer dereference via power_mem_ops

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via power_mem_ops of QEMU, in order to trigger a denial of service.
Impacted products: openSUSE Leap, QEMU, SLES, Ubuntu.
Severity: 1/4.
Consequences: denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 15/05/2019.
Identifiers: CVE-2019-5008, openSUSE-SU-2019:2041-1, SUSE-SU-2019:2192-1, USN-3978-1, VIGILANCE-VUL-29305.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via power_mem_ops of QEMU, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2018-20815

QEMU: buffer overflow via load_device_tree

Synthesis of the vulnerability

An attacker, inside a guest system, can trigger a buffer overflow via load_device_tree() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Impacted products: Debian, openSUSE Leap, QEMU, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: administrator access/rights, denial of service on server, denial of service on service.
Provenance: user shell.
Creation date: 27/03/2019.
Identifiers: CERTFR-2019-AVI-230, CVE-2018-20815, DLA-1781-1, DSA-4506-1, openSUSE-SU-2019:1274-1, openSUSE-SU-2019:1405-1, openSUSE-SU-2019:1419-1, RHSA-2019:1175-01, RHSA-2019:1881-01, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, SUSE-SU-2019:1268-1, SUSE-SU-2019:1269-1, SUSE-SU-2019:1272-1, SUSE-SU-2019:1348-1, SUSE-SU-2019:1349-1, SUSE-SU-2019:1371-1, SUSE-SU-2019:14052-1, SUSE-SU-2019:14063-1, USN-3978-1, VIGILANCE-VUL-28875.

Description of the vulnerability

An attacker, inside a guest system, can trigger a buffer overflow via load_device_tree() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2019-9824

QEMU: information disclosure via SLiRP tcp_emu

Synthesis of the vulnerability

A local attacker, inside a guest system, can read a memory fragment via SLiRP tcp_emu() of QEMU, in order to obtain sensitive information on the host system.
Impacted products: Debian, openSUSE Leap, QEMU, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 18/03/2019.
Identifiers: CERTFR-2019-AVI-230, CVE-2019-9824, DLA-1781-1, DSA-4454-1, DSA-4454-2, openSUSE-SU-2019:1226-1, openSUSE-SU-2019:1274-1, openSUSE-SU-2019:1405-1, RHSA-2019:1650-01, RHSA-2019:2078-01, SUSE-SU-2019:0825-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:0891-1, SUSE-SU-2019:0921-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, SUSE-SU-2019:1268-1, SUSE-SU-2019:1269-1, SUSE-SU-2019:1272-1, SUSE-SU-2019:14001-1, SUSE-SU-2019:14011-1, SUSE-SU-2019:14052-1, USN-3978-1, VIGILANCE-VUL-28758.

Description of the vulnerability

A local attacker, inside a guest system, can read a memory fragment via SLiRP tcp_emu() of QEMU, in order to obtain sensitive information on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2019-8934

QEMU: information disclosure via PPC64 sPAPR host-serial/model

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass access restrictions to data via PPC64 sPAPR host-serial/model of QEMU, in order to obtain sensitive information on the host system.
Impacted products: openSUSE Leap, QEMU, SUSE Linux Enterprise Desktop, SLES.
Severity: 1/4.
Consequences: data reading.
Provenance: user shell.
Creation date: 21/02/2019.
Identifiers: CERTFR-2019-AVI-230, CVE-2019-8934, openSUSE-SU-2019:1274-1, openSUSE-SU-2019:1405-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, VIGILANCE-VUL-28572.

Description of the vulnerability

An attacker, inside a guest system, can bypass access restrictions to data via PPC64 sPAPR host-serial/model of QEMU, in order to obtain sensitive information on the host system.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2019-3812

QEMU: out-of-bounds memory reading via i2c_ddc_rx

Synthesis of the vulnerability

An attacker can force a read at an invalid address via i2c_ddc_rx() of QEMU, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Debian, Fedora, openSUSE Leap, QEMU, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 18/02/2019.
Identifiers: CERTFR-2019-AVI-230, CVE-2019-3812, DSA-4454-1, DSA-4454-2, FEDORA-2019-88a98ce795, openSUSE-SU-2019:1274-1, openSUSE-SU-2019:1405-1, SUSE-SU-2019:1238-1, SUSE-SU-2019:1239-1, USN-3923-1, VIGILANCE-VUL-28530.

Description of the vulnerability

An attacker can force a read at an invalid address via i2c_ddc_rx() of QEMU, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about QEMU: