Search CVE reports
181 – 190 of 464 results
CVE-2018-12617
Medium prioritySome fixes available 9 of 10
qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-11806
Medium prioritySome fixes available 3 of 4
m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Not affected | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-3639
Medium prioritySome fixes available 59 of 69
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with...
147 affected packages
intel-microcode, libvirt, linux, linux-allwinner, linux-allwinner-5.19...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| intel-microcode | Not affected | Not affected | Not affected | Fixed | Fixed |
| libvirt | Fixed | Fixed | Fixed | Fixed | Fixed |
| linux | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-allwinner | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-allwinner-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws-5.0 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-5.11 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-5.3 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-5.8 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-6.2 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.11 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-5.3 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.8 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-6.2 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-azure-fde | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fde-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-fde-6.2 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-dell300x | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-euclid | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-flo | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.11 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-5.3 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.8 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.2 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-edge | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-gke | Not affected | Not affected | Not affected | Not in release | Ignored |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gke-5.0 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gke-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gke-5.3 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gke-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gkeop-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-goldfish | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-grouper | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-hwe-5.11 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-5.8 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-6.2 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-5.13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Fixed | Fixed |
| linux-laptop | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-trusty | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-lts-utopic | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-lts-vivid | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-lts-wily | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-mako | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-manta | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.2 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-oem-5.10 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oem-5.13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oem-5.14 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oem-5.17 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-oem-5.6 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.0 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-oem-6.1 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-oem-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem-osp1 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.0 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-5.11 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.13 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.3 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-5.8 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Not affected | Fixed | Fixed |
| linux-raspi2-5.3 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-riscv-5.11 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-riscv-5.8 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-starfive | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-starfive-5.19 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-starfive-6.2 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-starfive-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
| qemu | Fixed | Fixed | Fixed | Fixed | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release | Not in release |
| xen | Not affected | Not affected | Not affected | Not affected | Needs evaluation |
CVE-2018-7858
Medium priorityQuick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | Fixed | Not affected |
| qemu-kvm | — | — | — | Not in release | Not in release |
CVE-2018-7550
Medium priorityThe load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2017-18043
Low priorityInteger overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Not affected | Not affected | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2017-18030
Low priorityThe cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Not affected | Not affected | Not affected |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2018-5683
Low priorityThe vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | Fixed | Fixed | Fixed |
| qemu-kvm | — | — | Not in release | Not in release | Not in release |
CVE-2017-15124
Low prioritySome fixes available 1 of 4
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | Ignored |
| qemu-kvm | — | — | — | — | Not in release |
CVE-2017-5715
High prioritySome fixes available 42 of 54
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
40 affected packages
amd64-microcode, firefox, intel-microcode, libvirt, linux...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| amd64-microcode | — | — | — | Fixed | Fixed |
| firefox | — | — | — | Fixed | Fixed |
| intel-microcode | — | — | — | Not affected | Fixed |
| libvirt | — | — | — | Not affected | Fixed |
| linux | — | — | — | Not affected | Fixed |
| linux-armadaxp | — | — | — | Not in release | Not in release |
| linux-aws | — | — | — | Not affected | Fixed |
| linux-azure | — | — | — | Not affected | Fixed |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Fixed |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Fixed |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Not affected | Fixed |
| linux-linaro-omap | — | — | — | Not in release | Not in release |
| linux-linaro-shared | — | — | — | Not in release | Not in release |
| linux-linaro-vexpress | — | — | — | Not in release | Not in release |
| linux-lts-quantal | — | — | — | Not in release | Not in release |
| linux-lts-raring | — | — | — | Not in release | Not in release |
| linux-lts-saucy | — | — | — | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Fixed |
| linux-qcm-msm | — | — | — | Not in release | Not in release |
| linux-raspi2 | — | — | — | Not affected | Fixed |
| linux-snapdragon | — | — | — | Not affected | Fixed |
| linux-ti-omap4 | — | — | — | Not in release | Not in release |
| qemu | — | — | — | Fixed | Fixed |
| qemu-kvm | — | — | — | Not in release | Not in release |
| webkit2gtk | — | — | — | Not affected | Fixed |