The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-12-10
Updated
2023-02-12
Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.
Max CVSS
4.4
EPSS Score
0.06%
Published
2016-12-10
Updated
2021-08-04
2 vulnerabilities found