Search CVE reports
121 – 130 of 396 results
CVE-2017-18043
Low priorityInteger overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | Not affected | Not affected | Fixed |
qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2017-18030
Low priorityThe cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | Not affected | Not affected | Not affected |
qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-5683
Low priorityThe vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | Fixed | Fixed | Fixed |
qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2017-15124
Low prioritySome fixes available 1 of 4
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not...
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | — | Ignored |
qemu-kvm | — | — | — | — | Not in release |
CVE-2017-5715
High prioritySome fixes available 45 of 56
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
86 affected packages
amd64-microcode, firefox, intel-microcode, libvirt, linux...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
amd64-microcode | Not affected | Not affected | Not affected | Fixed | Fixed |
firefox | Not affected | Not affected | Not affected | Fixed | Fixed |
intel-microcode | Not affected | Not affected | Not affected | Not affected | Fixed |
libvirt | Not affected | Not affected | Not affected | Not affected | Fixed |
linux | Not affected | Not affected | Not affected | Not affected | Fixed |
linux-aws | Not affected | Not affected | Not affected | Not affected | Fixed |
linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Not affected |
linux-azure | Not affected | Not affected | Not affected | Not affected | Fixed |
linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-azure-edge | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-euclid | — | — | — | Not in release | Fixed |
linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | Not affected | Not affected | Not affected | Not affected | Fixed |
linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
linux-gkeop | Not affected | Not affected | Not affected | Not in release | Not in release |
linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | Not in release | Not in release | Not in release | Not affected | Fixed |
linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Fixed |
linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-kvm | Not in release | Not affected | Not affected | Not affected | Fixed |
linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
linux-oem | Not in release | Not in release | Not in release | Not affected | Fixed |
linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
linux-oracle | Not affected | Not affected | Not affected | Not affected | Not affected |
linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
linux-raspi2 | Not in release | Not in release | Ignored | Not affected | Fixed |
linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
linux-snapdragon | Not in release | Not in release | Not in release | Not affected | Fixed |
linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
qemu | Not affected | Not affected | Not affected | Fixed | Fixed |
qemu-kvm | — | — | — | Not in release | Not in release |
webkit2gtk | Not affected | Not affected | Not affected | Not affected | Fixed |
CVE-2017-17381
Low prioritySome fixes available 2 of 3
The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | — | Fixed |
qemu-kvm | — | — | — | — | Not in release |
CVE-2017-15119
Medium prioritySome fixes available 2 of 3
The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB...
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | — | Fixed |
qemu-kvm | — | — | — | — | Not in release |
CVE-2017-15118
Medium prioritySome fixes available 1 of 2
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an...
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | — | Not affected |
qemu-kvm | — | — | — | — | Not in release |
CVE-2017-16845
Low prioritySome fixes available 3 of 4
hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | — | Fixed | Fixed |
qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2017-15289
Low prioritySome fixes available 3 of 4
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
2 affected packages
qemu, qemu-kvm
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
qemu | — | — | Not affected | Not affected | Fixed |
qemu-kvm | — | — | Not in release | Not in release | Not in release |