Search CVE reports
171 – 180 of 464 results
CVE-2018-16847
Medium priorityAn OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Fixed | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2018-18438
Low priorityQemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Not affected | Not affected | Not affected |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-10839
Medium priorityQemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-17963
Medium priorityqemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-17962
Medium priorityQemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-17958
Medium priorityQemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-15746
Low prioritySome fixes available 2 of 4
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Fixed | Ignored |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2017-2630
Medium priorityA stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server's response to a 'NBD_OPT_LIST' request. A...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | Not affected |
| qemu-kvm | — | — | — | — | Not in release |
CVE-2017-7539
Medium priorityAn assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | Not affected |
| qemu-kvm | — | — | — | — | Not in release |
CVE-2017-7471
High priorityQuick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs) support, is vulnerable to an improper access control issue. It could occur while accessing files on a shared host directory. A...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | Not affected |
| qemu-kvm | — | — | — | — | Not in release |