CVE search results

311 – 320 of 396 results

Detailed view

Sort by:

CVE-2014-8106

Medium priority

Fixed

Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-7840

Low priority

Fixed

The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savevm data.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-3640

Low priority

Fixed

The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-3615

Low priority

Fixed

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-7815

Medium priority

Fixed

The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-3689

Medium priority

Fixed

The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-5388

Low priority

Fixed

Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-5263

Low priority

Fixed

vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption)...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-3471

Medium priority

Fixed

Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2014-3461

Low priority

Some fixes available 2 of 4

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports