CVE search results

341 – 350 of 483 results

Detailed view

Sort by:

CVE-2016-4037

Low priority

Fixed

The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a...

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2015-8554

Medium priority

Fixed

Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qemu-dm) device model, allows local x86 HVM guest administrators to gain privileges by leveraging a system with access to...

3 affected packages

qemu, qemu-kvm, xen

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—
xen	—	—	—	—	—

CVE-2016-4020

Medium priority

Fixed

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority...

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2016-4001

Low priority

Fixed

Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU...

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2016-2857

Low priority

Fixed

The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2016-2858

Low priority

Fixed

QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and...

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2016-2841

Low priority

Fixed

The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for...

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2016-2538

Low priority

Some fixes available 4 of 5

Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory...

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2016-2392

Low priority

Some fixes available 4 of 5

The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of...

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

CVE-2016-2391

Low priority

Some fixes available 4 of 5

The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to...

2 affected packages

qemu, qemu-kvm

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—	—
qemu-kvm	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports