CVE search results

291 – 300 of 396 results

Detailed view

Sort by:

CVE-2015-6855

Low priority

Fixed

hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-6815

Low priority

Fixed

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-5239

Low priority

Fixed

Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-5225

Medium priority

Fixed

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-5166

Medium priority

Some fixes available 1 of 3

Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.

3 affected packages

qemu, qemu-kvm, xen

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—
xen	—	—	—	—	—

CVE-2015-5165

Medium priority

Some fixes available 5 of 7

The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.

3 affected packages

qemu, qemu-kvm, xen

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—
xen	—	—	—	—	—

CVE-2015-5745

Medium priority

Some fixes available 2 of 3

Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-5154

Medium priority

Some fixes available 4 of 6

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

3 affected packages

qemu, qemu-kvm, xen

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—
xen	—	—	—	—	—

CVE-2015-5158

Medium priority

Fixed

Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-3214

Low priority

Some fixes available 2 of 3

The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports