Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

121 – 130 of 396 results


CVE-2017-18043

Low priority
Fixed

Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Not affected Not affected Fixed
qemu-kvm Not in release Not in release Not in release
Show less packages

CVE-2017-18030

Low priority
Not affected

The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Not affected Not affected Not affected
qemu-kvm Not in release Not in release Not in release
Show less packages

CVE-2018-5683

Low priority
Fixed

The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Fixed Fixed Fixed
qemu-kvm Not in release Not in release Not in release
Show less packages

CVE-2017-15124

Low priority

Some fixes available 1 of 4

VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Ignored
qemu-kvm Not in release
Show less packages

CVE-2017-5715

High priority

Some fixes available 45 of 56

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

86 affected packages

amd64-microcode, firefox, intel-microcode, libvirt, linux...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
amd64-microcode Not affected Not affected Not affected Fixed Fixed
firefox Not affected Not affected Not affected Fixed Fixed
intel-microcode Not affected Not affected Not affected Not affected Fixed
libvirt Not affected Not affected Not affected Not affected Fixed
linux Not affected Not affected Not affected Not affected Fixed
linux-aws Not affected Not affected Not affected Not affected Fixed
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Ignored
linux-aws-hwe Not in release Not in release Not in release Not in release Not affected
linux-azure Not affected Not affected Not affected Not affected Fixed
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Not affected Not in release
linux-azure-fde Not in release Not affected Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Ignored
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-euclid Not in release Fixed
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Ignored
linux-gcp Not affected Not affected Not affected Not affected Fixed
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Ignored
linux-gke Not affected Not affected Ignored Not in release Ignored
linux-gkeop Not affected Not affected Not affected Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not in release Not in release Not in release Not affected Fixed
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Not affected Fixed
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Not affected Fixed
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-quantal Not in release Not in release
linux-lts-raring Not in release Not in release
linux-lts-saucy Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Not affected Fixed
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Not affected Not affected
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Ignored Not affected Fixed
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Not affected Fixed
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
qemu Not affected Not affected Not affected Fixed Fixed
qemu-kvm Not in release Not in release
webkit2gtk Not affected Not affected Not affected Not affected Fixed
Show all 86 packages Show less packages

CVE-2017-17381

Low priority

Some fixes available 2 of 3

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Fixed
qemu-kvm Not in release
Show less packages

CVE-2017-15119

Medium priority

Some fixes available 2 of 3

The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Fixed
qemu-kvm Not in release
Show less packages

CVE-2017-15118

Medium priority

Some fixes available 1 of 2

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Not affected
qemu-kvm Not in release
Show less packages

CVE-2017-16845

Low priority

Some fixes available 3 of 4

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Fixed Fixed
qemu-kvm Not in release Not in release
Show less packages

CVE-2017-15289

Low priority

Some fixes available 3 of 4

The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Not affected Not affected Fixed
qemu-kvm Not in release Not in release Not in release
Show less packages