Search CVE reports
381 – 390 of 483 results
Some fixes available 2 of 3
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Some fixes available 4 of 6
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
3 affected packages
qemu, qemu-kvm, xen
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in...
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Some fixes available 2 of 3
The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write lengths, which might allow guest OS users to execute arbitrary code on the host OS by...
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Some fixes available 6 of 7
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
3 affected packages
qemu, qemu-kvm, xen
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
Some fixes available 5 of 6
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain...
3 affected packages
qemu, qemu-kvm, xen
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
Some fixes available 5 of 6
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.
3 affected packages
qemu, qemu-kvm, xen
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
Some fixes available 5 of 6
Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.
3 affected packages
qemu, qemu-kvm, xen
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
Some fixes available 5 of 6
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via...
3 affected packages
qemu, qemu-kvm, xen
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files...
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |