Search CVE reports
351 – 360 of 396 results
CVE-2013-4151
Low prioritySome fixes available 3 of 5
The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
CVE-2013-4150
Low prioritySome fixes available 1 of 3
The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
CVE-2013-4149
Low prioritySome fixes available 1 of 3
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
CVE-2013-4148
Low prioritySome fixes available 3 of 5
Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
CVE-2013-4375
Medium prioritySome fixes available 2 of 3
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
4 affected packages
qemu, qemu-kvm, xen, xen-3.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
CVE-2013-4377
Medium prioritySome fixes available 1 of 2
Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
CVE-2013-4344
Low prioritySome fixes available 3 of 4
Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.
4 affected packages
qemu, qemu-kvm, xen, xen-3.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
CVE-2013-2007
Low priorityThe qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
4 affected packages
qemu, qemu-kvm, xen, xen-3.3
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
CVE-2013-1922
Low priorityqemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | Not affected |
| qemu-kvm | — | — | — | — | Not in release |
CVE-2012-6075
Medium prioritySome fixes available 11 of 16
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS...
7 affected packages
kvm, qemu, qemu-kvm, xen, xen-3.1...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| kvm | — | — | — | — | — |
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |