In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.
Source: MITRE
Max CVSS
2.3
EPSS Score
0.05%
Published
2020-07-02
Updated
2022-09-23
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
Source: MITRE
Max CVSS
2.5
EPSS Score
0.05%
Published
2020-06-02
Updated
2022-11-16
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.
Source: Red Hat, Inc.
Max CVSS
1.9
EPSS Score
0.04%
Published
2015-08-26
Updated
2016-12-24
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
Source: Red Hat, Inc.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-11-07
Updated
2023-02-13
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
Source: Red Hat, Inc.
Max CVSS
2.1
EPSS Score
0.06%
Published
2014-11-01
Updated
2020-08-11
Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.
Source: Red Hat, Inc.
Max CVSS
2.3
EPSS Score
0.04%
Published
2013-10-11
Updated
2014-03-06
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
Source: Red Hat, Inc.
Max CVSS
2.7
EPSS Score
0.06%
Published
2014-01-19
Updated
2017-01-07
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
Source: Red Hat, Inc.
Max CVSS
2.1
EPSS Score
0.06%
Published
2012-06-21
Updated
2020-11-02
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
Source: Red Hat, Inc.
Max CVSS
2.1
EPSS Score
0.06%
Published
2008-08-08
Updated
2020-12-16
QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.
Source: MITRE
Max CVSS
2.1
EPSS Score
0.04%
Published
2007-05-02
Updated
2020-12-15
QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction.
Source: MITRE
Max CVSS
2.1
EPSS Score
0.04%
Published
2007-05-02
Updated
2020-12-15
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!