Vulnerabilities (CVE)

Filtered by vendor Qemu Subscribe
Total 415 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11334 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 2.1 LOW 4.4 MEDIUM
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.
CVE-2017-11434 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 2.1 LOW 5.5 MEDIUM
The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string.
CVE-2017-8284 1 Qemu 1 Qemu 2025-04-20 6.9 MEDIUM 7.0 HIGH
The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic block that injects code into a setuid program, as demonstrated by procmail. NOTE: the vendor has stated "this bug does not violate any security guarantees QEMU makes.
CVE-2017-9060 1 Qemu 1 Qemu 2025-04-20 4.9 MEDIUM 5.5 MEDIUM
Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large number of "VIRTIO_GPU_CMD_SET_SCANOUT:" commands.
CVE-2017-10806 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 2.1 LOW 5.5 MEDIUM
Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.
CVE-2017-14167 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 7.2 HIGH 8.8 HIGH
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.
CVE-2017-5526 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 4.9 MEDIUM 6.5 MEDIUM
Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption and QEMU process crash) via a large number of device unplug operations.
CVE-2017-7980 4 Canonical, Debian, Qemu and 1 more 12 Ubuntu Linux, Debian Linux, Qemu and 9 more 2025-04-20 4.6 MEDIUM 7.8 HIGH
Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.
CVE-2017-8309 3 Debian, Qemu, Redhat 3 Debian Linux, Qemu, Openstack 2025-04-20 7.8 HIGH 7.5 HIGH
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
CVE-2017-10664 3 Debian, Qemu, Redhat 11 Debian Linux, Qemu, Enterprise Linux and 8 more 2025-04-20 5.0 MEDIUM 7.5 HIGH
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
CVE-2017-9524 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 5.0 MEDIUM 7.5 HIGH
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD) Server support, allows remote attackers to cause a denial of service (segmentation fault and server crash) by leveraging failure to ensure that all initialization occurs before talking to a client in the nbd_negotiate function.
CVE-2017-6505 1 Qemu 1 Qemu 2025-04-20 2.1 LOW 6.5 MEDIUM
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330.
CVE-2017-12809 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 2.1 LOW 6.5 MEDIUM
QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.
CVE-2014-0145 1 Qemu 1 Qemu 2025-04-20 4.6 MEDIUM 7.8 HIGH
Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c).
CVE-2017-9374 1 Qemu 1 Qemu 2025-04-20 2.1 LOW 5.5 MEDIUM
Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugging the device.
CVE-2016-9381 2 Citrix, Qemu 2 Xenserver, Qemu 2025-04-20 6.9 MEDIUM 7.5 HIGH
Race condition in QEMU in Xen allows local x86 HVM guest OS administrators to gain privileges by changing certain data on shared rings, aka a "double fetch" vulnerability.
CVE-2015-7504 3 Debian, Qemu, Xen 3 Debian Linux, Qemu, Xen 2025-04-20 4.6 MEDIUM 8.8 HIGH
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
CVE-2015-8613 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 1.9 LOW 6.5 MEDIUM
Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instance crash) via a crafted SCSI controller CTRL_GET_INFO command.
CVE-2017-5857 1 Qemu 1 Qemu 2025-04-20 4.9 MEDIUM 6.5 MEDIUM
Memory leak in the virgl_cmd_resource_unref function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (host memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_UNREF commands sent without detaching the backing storage beforehand.
CVE-2015-8568 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-20 4.7 MEDIUM 6.5 MEDIUM
Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxnet3 device repeatedly.