Canonical » Ubuntu Linux » 12.04 esm : Security Vulnerabilities, CVEs, Published In 2016 (Memory corruption)
The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.
Max CVSS
4.4
EPSS Score
0.06%
Published
2016-06-14
Updated
2020-10-21
Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.
Max CVSS
7.8
EPSS Score
0.06%
Published
2016-06-01
Updated
2023-02-12
The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-09-02
Updated
2020-10-21
QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command.
Max CVSS
6.0
EPSS Score
0.06%
Published
2016-09-02
Updated
2020-10-21
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.
Max CVSS
5.9
EPSS Score
0.55%
Published
2016-06-10
Updated
2021-07-20
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.
Max CVSS
9.8
EPSS Score
4.80%
Published
2016-04-26
Updated
2020-12-14
QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption.
Max CVSS
6.5
EPSS Score
0.06%
Published
2016-04-07
Updated
2023-02-12
The ohci_bus_start function in the USB OHCI emulation support (hw/usb/hcd-ohci.c) in QEMU allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors related to multiple eof_timers.
Max CVSS
5.0
EPSS Score
0.06%
Published
2016-06-16
Updated
2023-02-13
8 vulnerabilities found