Qemu : Security Vulnerabilities, CVEs, CVSS score between 1 and 2.99
In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.
Max CVSS
2.3
EPSS Score
0.05%
Published
2020-07-02
Updated
2022-09-23
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
Max CVSS
2.5
EPSS Score
0.05%
Published
2020-06-02
Updated
2022-11-16
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.
Max CVSS
1.9
EPSS Score
0.04%
Published
2015-08-26
Updated
2016-12-24
The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local users to cause a denial of service (NULL pointer dereference) by sending a udp packet with a value of 0 in the source port and address, which triggers access of an uninitialized socket.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-11-07
Updated
2023-02-13
The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
Max CVSS
2.1
EPSS Score
0.06%
Published
2014-11-01
Updated
2020-08-11
Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.
Max CVSS
2.3
EPSS Score
0.04%
Published
2013-10-11
Updated
2014-03-06
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.
Max CVSS
2.7
EPSS Score
0.06%
Published
2014-01-19
Updated
2017-01-07
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
Max CVSS
2.1
EPSS Score
0.06%
Published
2012-06-21
Updated
2020-11-02
QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004.
Max CVSS
2.1
EPSS Score
0.06%
Published
2008-08-08
Updated
2020-12-16
QEMU 0.8.2 allows local users to crash a virtual machine via the divisor operand to the aam instruction, as demonstrated by "aam 0x0," which triggers a divide-by-zero error.
Max CVSS
2.1
EPSS Score
0.04%
Published
2007-05-02
Updated
2020-12-15
QEMU 0.8.2 allows local users to halt a virtual machine by executing the icebp instruction.
Max CVSS
2.1
EPSS Score
0.04%
Published
2007-05-02
Updated
2020-12-15
11 vulnerabilities found