Qemu : Security Vulnerabilities, CVEs, Published In 2013 (Overflow)
Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.
Max CVSS
7.2
EPSS Score
0.04%
Published
2013-10-04
Updated
2020-08-11
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
Max CVSS
9.3
EPSS Score
2.31%
Published
2013-02-13
Updated
2023-02-13
2 vulnerabilities found