CVE search results

281 – 290 of 396 results

Detailed view

Sort by:

CVE-2015-8567

Medium priority

Some fixes available 2 of 3

Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-8558

Medium priority

Some fixes available 3 of 4

The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular isochronous transfer descriptor (iTD) list.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-7549

Medium priority

Some fixes available 2 of 3

The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-8504

Medium priority

Some fixes available 3 of 4

Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-7512

Medium priority

Fixed

Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-7504

Medium priority

Fixed

Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.

3 affected packages

qemu, qemu-kvm, xen

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—
xen	—	—	—	—	—

CVE-2015-8345

Medium priority

Fixed

The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-7295

Low priority

Fixed

hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-5279

Medium priority

Fixed

Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-5278

Low priority

Fixed

The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports