Information on source package qemu

Available versions

ReleaseVersion
jessie1:2.1+dfsg-12+deb8u23
stretch1:2.8+dfsg-6+deb9u19
stretch (security)1:2.8+dfsg-6+deb9u17
buster1:3.1+dfsg-8+deb10u12
bullseye1:5.2+dfsg-11+deb11u3
bullseye (security)1:5.2+dfsg-11+deb11u2
bookworm1:7.2+dfsg-7+deb12u7
trixie1:9.2.0+ds-2
sid1:9.2.0+ds-2

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-8612vulnerablevulnerablevulnerablevulnerablevulnerable (no DSA)vulnerablevulnerableA flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-c ...
CVE-2024-8354vulnerablevulnerablevulnerablevulnerablevulnerable (no DSA)vulnerablevulnerableA flaw was found in QEMU. An assertion failure was present in the usb_ ...
CVE-2024-7730vulnerablevulnerablevulnerablevulnerablevulnerable (no DSA)fixedfixedA heap buffer overflow was found in the virtio-snd device in QEMU. Whe ...
CVE-2024-7409vulnerablevulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)fixedfixedA flaw was found in the QEMU NBD Server. This vulnerability allows a d ...
CVE-2024-6519vulnerablevulnerablevulnerablevulnerablevulnerable (no DSA)vulnerablevulnerableA use-after-free vulnerability was found in the QEMU LSI53C895A SCSI H ...
CVE-2024-6505vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedA flaw was found in the virtio-net device in QEMU. When enabling the R ...
CVE-2024-4467vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)fixedfixedfixedA flaw was found in the QEMU disk image utility (qemu-img) 'info' comm ...
CVE-2024-3567vulnerablevulnerable (no DSA)fixedfixedfixedfixedfixedA flaw was found in QEMU. An assertion failure was present in the upda ...
CVE-2024-3447vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA heap-based buffer overflow was found in the SDHCI device emulation o ...
CVE-2024-3446vulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA double free vulnerability was found in QEMU virtio devices (virtio-g ...
CVE-2023-40360vulnerablefixedfixedfixedfixedfixedfixedQEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive i ...
CVE-2023-6693vulnerablefixedfixedvulnerable (no DSA)fixedfixedfixedA stack based buffer overflow was found in the virtio-net device of QE ...
CVE-2023-5088vulnerablefixedfixedvulnerable (no DSA)fixedfixedfixedA bug in QEMU could cause a guest I/O operation otherwise addressed to ...
CVE-2023-3354vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedA flaw was found in the QEMU built-in VNC server. When a client connec ...
CVE-2023-3301vulnerablefixedfixedfixedfixedfixedfixedA flaw was found in QEMU. The async nature of hot-unplug enables a rac ...
CVE-2023-3019vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, postponed)fixedfixedfixedA DMA reentrancy issue leading to a use-after-free error was found in ...
CVE-2023-2861vulnerable (no DSA, postponed)fixedfixedvulnerable (no DSA, ignored)fixedfixedfixedA flaw was found in the 9p passthrough filesystem (9pfs) implementatio ...
CVE-2023-1544fixedfixedvulnerable (no DSA, ignored)vulnerable (no DSA)fixedfixedfixedA flaw was found in the QEMU implementation of VMWare's paravirtual RD ...
CVE-2023-1386vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerableA flaw was found in the 9p passthrough filesystem (9pfs) implementatio ...
CVE-2023-0330vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedA vulnerability in the lsi53c895a device affects the latest version of ...
CVE-2022-4144vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, ignored)fixedfixedfixedAn out-of-bounds read flaw was found in the QXL display device emulati ...
CVE-2022-3872vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerableAn off-by-one read/write issue was found in the SDHCI device of QEMU. ...
CVE-2021-20255fixedfixedvulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)fixedfixedA stack overflow via an infinite recursion vulnerability was found in ...
CVE-2021-3929fixedfixedfixedvulnerable (no DSA, ignored)fixedfixedfixedA DMA reentrancy issue was found in the NVM Express Controller (NVME) ...
CVE-2021-3750vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, ignored)fixedfixedfixedA DMA reentrancy issue was found in the USB EHCI controller emulation ...
CVE-2021-3748vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedA use-after-free vulnerability was found in the virtio-net device of Q ...
CVE-2021-3735vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerableA deadlock issue was found in the AHCI controller device of QEMU. It o ...
CVE-2021-3611fixedfixedfixedvulnerable (no DSA, ignored)fixedfixedfixedA stack overflow vulnerability was found in the Intel HD Audio device ...
CVE-2021-3595vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedAn invalid pointer initialization issue was found in the SLiRP network ...
CVE-2021-3592vulnerable (no DSA, postponed)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedAn invalid pointer initialization issue was found in the SLiRP network ...
CVE-2020-35506fixedfixedfixedvulnerable (no DSA, ignored)fixedfixedfixedA use-after-free vulnerability was found in the am53c974 SCSI host bus ...
CVE-2020-35505fixedfixedfixedvulnerable (no DSA, ignored)fixedfixedfixedA NULL pointer dereference flaw was found in the am53c974 SCSI host bu ...
CVE-2020-35504fixedfixedfixedvulnerable (no DSA, ignored)fixedfixedfixedA NULL pointer dereference flaw was found in the SCSI emulation suppor ...
CVE-2020-35503vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerableA NULL pointer dereference flaw was found in the megasas-gen2 SCSI hos ...
CVE-2020-25743fixedvulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerablehw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereferen ...
CVE-2020-25742vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerablepci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL p ...
CVE-2020-25741vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerablefdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer d ...
CVE-2020-24165vulnerablefixedfixedfixedfixedfixedfixedAn issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local ...
CVE-2020-15469fixedfixedfixedvulnerable (no DSA, ignored)fixedfixedfixedIn QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback m ...
CVE-2020-14394vulnerable (no DSA, postponed)fixedfixedfixedfixedfixedfixedAn infinite loop flaw was found in the USB xHCI controller emulation o ...
CVE-2019-12067vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerablevulnerableThe ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to ...
CVE-2019-8934vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedhw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure becau ...
CVE-2018-19665vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedThe Bluetooth subsystem in QEMU mishandles negative values for length ...
CVE-2018-18438vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedQemu has integer overflows because IOReadHandler and its associated fu ...
CVE-2018-15746vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedqemu-seccomp.c in QEMU might allow local OS guest users to cause a den ...
CVE-2017-15124vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedVNC server implementation in Quick Emulator (QEMU) 2.11.0 and older wa ...
CVE-2017-13672vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedQEMU (aka Quick Emulator), when built with the VGA display emulator su ...
CVE-2017-11334vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedThe address_space_write_continue function in exec.c in QEMU (aka Quick ...
CVE-2016-9923vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedQuick Emulator (Qemu) built with the 'chardev' backend support is vuln ...
CVE-2015-8817vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedQEMU (aka Quick Emulator) built to use 'address_space_translate' to ma ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2022-36648vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device ...
CVE-2022-35414vulnerablevulnerablefixedvulnerablefixedfixedfixedsoftmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized r ...
CVE-2020-24352fixedfixedfixedvulnerablevulnerablevulnerablevulnerableAn issue was discovered in QEMU through 5.1.0. An out-of-bounds memory ...
CVE-2019-20175vulnerablevulnerablevulnerablefixedfixedfixedfixedAn issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 ...
CVE-2019-12929vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThe QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS co ...
CVE-2019-12928vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableThe QMP migrate command in QEMU version 4.0.0 and earlier is vulnerabl ...
CVE-2019-12247vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableQEMU 3.0.0 has an Integer Overflow because the qga/commands*.c files d ...
CVE-2018-20216fixedfixedvulnerablefixedfixedfixedfixedQEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c becaus ...
CVE-2018-20191fixedfixedvulnerablefixedfixedfixedfixedhw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation ...
CVE-2018-20126fixedfixedvulnerablefixedfixedfixedfixedhw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory ...
CVE-2018-20125fixedfixedvulnerablefixedfixedfixedfixedhw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of ...
CVE-2018-20124fixedfixedvulnerablefixedfixedfixedfixedhw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of ...
CVE-2018-20123fixedfixedvulnerablefixedfixedfixedfixedpvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak ...
CVE-2017-9060fixedvulnerablefixedfixedfixedfixedfixedMemory leak in the virtio_gpu_set_scanout function in hw/display/virti ...
CVE-2017-8284vulnerablevulnerablefixedfixedfixedfixedfixedThe disas_insn function in target/i386/translate.c in QEMU before 2.9. ...
CVE-2017-5578fixedvulnerablefixedfixedfixedfixedfixedMemory leak in the virtio_gpu_resource_attach_backing function in hw/d ...
CVE-2017-5552fixedvulnerablefixedfixedfixedfixedfixedMemory leak in the virgl_resource_attach_backing function in hw/displa ...
CVE-2016-10028fixedvulnerablefixedfixedfixedfixedfixedThe virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEM ...

Resolved issues

BugDescription
CVE-2024-26328An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in h ...
CVE-2024-26327An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in h ...
CVE-2024-24474QEMU before 8.2.0 has an integer underflow, and resultant buffer overf ...
CVE-2024-4693A flaw was found in the QEMU Virtio PCI Bindings (hw/virtio/virtio-pci ...
CVE-2023-42467QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset ...
CVE-2023-6683A flaw was found in the QEMU built-in VNC server while processing Clie ...
CVE-2023-4135A heap out-of-bounds memory read flaw was found in the virtual nvme de ...
CVE-2023-3255A flaw was found in the QEMU built-in VNC server while processing Clie ...
CVE-2023-3180A flaw was found in the QEMU virtual crypto device while handling data ...
CVE-2023-2680This CVE exists because of an incomplete fix for CVE-2021-3750. More s ...
CVE-2023-0664A flaw was found in the QEMU Guest Agent service for Windows. A local ...
CVE-2022-26354A flaw was found in the vhost-vsock device of QEMU. In case of error, ...
CVE-2022-26353A flaw was found in the virtio-net device of QEMU. This flaw was inadv ...
CVE-2022-4172An integer overflow and buffer overflow issues were found in the ACPI ...
CVE-2022-3165An integer underflow issue was found in the QEMU VNC server while proc ...
CVE-2022-2962A DMA reentrancy issue was found in the Tulip device emulation in QEMU ...
CVE-2022-1050A flaw was found in the QEMU implementation of VMWare's paravirtual RD ...
CVE-2022-0358A flaw was found in the QEMU virtio-fs shared file system daemon (virt ...
CVE-2022-0216A use-after-free vulnerability was found in the LSI53C895A SCSI Host B ...
CVE-2021-20295It was discovered that the update for the virt:rhel module in the RHSA ...
CVE-2021-20263A flaw was found in the virtio-fs shared file system daemon (virtiofsd ...
CVE-2021-20257An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. ...
CVE-2021-20221An out-of-bounds heap buffer access issue was found in the ARM Generic ...
CVE-2021-20203An integer overflow issue was found in the vmxnet3 NIC emulator of the ...
CVE-2021-20196A NULL pointer dereference flaw was found in the floppy disk emulator ...
CVE-2021-20181A race condition flaw was found in the 9pfs server implementation of Q ...
CVE-2021-4207A flaw was found in the QXL display device emulation in QEMU. A double ...
CVE-2021-4206A flaw was found in the QXL display device emulation in QEMU. An integ ...
CVE-2021-4158A NULL pointer dereference issue was found in the ACPI code of QEMU. A ...
CVE-2021-4145A NULL pointer dereference issue was found in the block mirror layer o ...
CVE-2021-3947A stack-buffer-overflow was found in QEMU in the NVME component. The f ...
CVE-2021-3930An off-by-one error was found in the SCSI device emulation in QEMU. It ...
CVE-2021-3713An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) d ...
CVE-2021-3682A flaw was found in the USB redirector device emulation of QEMU in ver ...
CVE-2021-3638An out-of-bounds memory access flaw was found in the ATI VGA device em ...
CVE-2021-3608A flaw was found in the QEMU implementation of VMWare's paravirtual RD ...
CVE-2021-3607An integer overflow was found in the QEMU implementation of VMWare's p ...
CVE-2021-3594An invalid pointer initialization issue was found in the SLiRP network ...
CVE-2021-3593An invalid pointer initialization issue was found in the SLiRP network ...
CVE-2021-3582A flaw was found in the QEMU implementation of VMWare's paravirtual RD ...
CVE-2021-3546An out-of-bounds write vulnerability was found in the virtio vhost-use ...
CVE-2021-3545An information disclosure vulnerability was found in the virtio vhost- ...
CVE-2021-3544Several memory leaks were found in the virtio vhost-user GPU device (v ...
CVE-2021-3527A flaw was found in the USB redirector device (usb-redir) of QEMU. Sma ...
CVE-2021-3507A heap buffer overflow was found in the floppy disk emulator of QEMU u ...
CVE-2021-3416A potential stack overflow via infinite loop issue was found in variou ...
CVE-2021-3409The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffectiv ...
CVE-2021-3392A use-after-free flaw was found in the MegaRAID emulator of QEMU. This ...
CVE-2020-35517A flaw was found in qemu. A host privilege escalation issue was found ...
CVE-2020-29443ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of- ...
CVE-2020-29130slirp.c in libslirp through 4.3.1 has a buffer over-read because it tr ...
CVE-2020-29129ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tri ...
CVE-2020-28916hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX desc ...
CVE-2020-27821A flaw was found in the memory management API of QEMU during the initi ...
CVE-2020-27661A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-d ...
CVE-2020-27617eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to t ...
CVE-2020-27616ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outsi ...
CVE-2020-25723A reachable assertion issue was found in the USB EHCI emulation code o ...
CVE-2020-25625hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list ha ...
CVE-2020-25624hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via ...
CVE-2020-25085QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue ...
CVE-2020-25084QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_p ...
CVE-2020-17380A heap-based buffer overflow was found in QEMU through 5.0.0 in the SD ...
CVE-2020-16092In QEMU through 5.0.0, an assertion failure can occur in the network p ...
CVE-2020-15863hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2 ...
CVE-2020-15859QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a gues ...
CVE-2020-14415oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer ...
CVE-2020-14364An out-of-bounds read/write access flaw was found in the USB emulator ...
CVE-2020-13800ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to tri ...
CVE-2020-13791hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of- ...
CVE-2020-13765rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate ...
CVE-2020-13754hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of ...
CVE-2020-13659address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer d ...
CVE-2020-13362In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c h ...
CVE-2020-13361In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c ...
CVE-2020-13253sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, wh ...
CVE-2020-12829In QEMU through 5.0.0, an integer overflow was found in the SM501 disp ...
CVE-2020-11947iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buf ...
CVE-2020-11869An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way i ...
CVE-2020-11102hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying ...
CVE-2020-10761An assertion failure issue was found in the Network Block Device(NBD) ...
CVE-2020-10756An out-of-bounds read vulnerability was found in the SLiRP networking ...
CVE-2020-10717A potential DoS flaw was found in the virtio-fs shared file system dae ...
CVE-2020-10702A flaw was found in QEMU in the implementation of the Pointer Authenti ...
CVE-2020-8608In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf ...
CVE-2020-7039tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, misman ...
CVE-2020-1983A use after free vulnerability in ip_reass() in ip_input.c of libslirp ...
CVE-2020-1711An out-of-bounds heap buffer access flaw was found in the way the iSCS ...
CVE-2019-20808In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA imp ...
CVE-2019-20382QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle. ...
CVE-2019-15890libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reas ...
CVE-2019-15034hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient ...
CVE-2019-14378ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overf ...
CVE-2019-13164qemu-bridge-helper.c in QEMU 3.1 and 4.0.0 does not ensure that a netw ...
CVE-2019-12155interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4 ...
CVE-2019-12068In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg ...
CVE-2019-9824tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 u ...
CVE-2019-6778In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer ove ...
CVE-2019-6501In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allow ...
CVE-2019-5008hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dere ...
CVE-2019-3812QEMU, through version 2.10 and through version 3.1.0, is vulnerable to ...
CVE-2018-20815In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated ...
CVE-2018-19489v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a de ...
CVE-2018-19364hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while ...
CVE-2018-18954The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 al ...
CVE-2018-18849In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-boun ...
CVE-2018-17963qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes grea ...
CVE-2018-17962Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because ...
CVE-2018-17958Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c b ...
CVE-2018-16872A flaw was found in qemu Media Transfer Protocol (MTP). The code openi ...
CVE-2018-16867A flaw was found in qemu Media Transfer Protocol (MTP) before version ...
CVE-2018-16847An OOB heap buffer r/w access issue was found in the NVM Express Contr ...
CVE-2018-12617qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c i ...
CVE-2018-11806m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via inc ...
CVE-2018-10839Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is ...
CVE-2018-7858Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Em ...
CVE-2018-7550The load_multiboot function in hw/i386/multiboot.c in Quick Emulator ( ...
CVE-2018-5683The vga_draw_text function in Qemu allows local OS guest privileged us ...
CVE-2017-18043Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) ...
CVE-2017-18030The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qe ...
CVE-2017-17381The Virtio Vring implementation in QEMU allows local OS guest users to ...
CVE-2017-16845hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values dur ...
CVE-2017-15289The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow ...
CVE-2017-15268Qemu through 2.10.0 allows remote attackers to cause a memory leak by ...
CVE-2017-15119The Network Block Device (NBD) server in Quick Emulator (QEMU) before ...
CVE-2017-15118A stack-based buffer overflow vulnerability was found in NBD server im ...
CVE-2017-15038Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU ...
CVE-2017-14167Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...
CVE-2017-13711Use-after-free vulnerability in the sofree function in slirp/socket.c ...
CVE-2017-13673The vga display update in mis-calculated the region for the dirty bitm ...
CVE-2017-12809QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM ...
CVE-2017-11434The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) ...
CVE-2017-10911The make_response function in drivers/block/xen-blkback/blkback.c in t ...
CVE-2017-10806Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Em ...
CVE-2017-10664qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which a ...
CVE-2017-9524The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...
CVE-2017-9503QEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host B ...
CVE-2017-9375QEMU (aka Quick Emulator), when built with USB xHCI controller emulato ...
CVE-2017-9374Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emu ...
CVE-2017-9373Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emu ...
CVE-2017-9330QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI E ...
CVE-2017-9310QEMU (aka Quick Emulator), when built with the e1000e NIC emulation su ...
CVE-2017-8380Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 all ...
CVE-2017-8379Memory leak in the keyboard input event handlers support in QEMU (aka ...
CVE-2017-8309Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows r ...
CVE-2017-8112hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest O ...
CVE-2017-8086Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in Q ...
CVE-2017-7980Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick E ...
CVE-2017-7718hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local ...
CVE-2017-7539An assertion-failure flaw was found in Qemu before 2.10.1, in the Netw ...
CVE-2017-7493Quick Emulator (Qemu) built with the VirtFS, host directory sharing vi ...
CVE-2017-7471Quick Emulator (Qemu) built with the VirtFS, host directory sharing vi ...
CVE-2017-7377The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in ...
CVE-2017-6505The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Qu ...
CVE-2017-6058Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU ( ...
CVE-2017-5987The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...
CVE-2017-5973The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick E ...
CVE-2017-5931Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emula ...
CVE-2017-5898Integer overflow in the emulated_apdu_from_guest function in usb/dev-s ...
CVE-2017-5857Memory leak in the virgl_cmd_resource_unref function in hw/display/vir ...
CVE-2017-5856Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c i ...
CVE-2017-5715Systems with microprocessors utilizing speculative execution and indir ...
CVE-2017-5667The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...
CVE-2017-5579Memory leak in the serial_exit_core function in hw/char/serial.c in QE ...
CVE-2017-5526Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows l ...
CVE-2017-5525Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows loc ...
CVE-2017-2633An out-of-bounds memory access issue was found in Quick Emulator (QEMU ...
CVE-2017-2630A stack buffer overflow flaw was found in the Quick Emulator (QEMU) be ...
CVE-2017-2620Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA E ...
CVE-2017-2615Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator sup ...
CVE-2016-10155Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) ...
CVE-2016-10029The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built ...
CVE-2016-9922The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Qu ...
CVE-2016-9921Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator sup ...
CVE-2016-9916Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows ...
CVE-2016-9915Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows ...
CVE-2016-9914Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local ...
CVE-2016-9913Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p ...
CVE-2016-9912Quick Emulator (Qemu) built with the Virtio GPU Device emulator suppor ...
CVE-2016-9911Quick Emulator (Qemu) built with the USB EHCI Emulation support is vul ...
CVE-2016-9908Quick Emulator (Qemu) built with the Virtio GPU Device emulator suppor ...
CVE-2016-9907Quick Emulator (Qemu) built with the USB redirector usb-guest support ...
CVE-2016-9846QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator su ...
CVE-2016-9845QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator su ...
CVE-2016-9776QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Contro ...
CVE-2016-9637The (1) ioport_read and (2) ioport_write functions in Xen, when qemu i ...
CVE-2016-9603A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA e ...
CVE-2016-9602Qemu before version 2.9 is vulnerable to an improper link following wh ...
CVE-2016-9106Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Qu ...
CVE-2016-9105Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Qui ...
CVE-2016-9104Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xat ...
CVE-2016-9103The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emula ...
CVE-2016-9102Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU ( ...
CVE-2016-9101Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows l ...
CVE-2016-8910The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Q ...
CVE-2016-8909The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick ...
CVE-2016-8669The serial_update_parameters function in hw/char/serial.c in QEMU (aka ...
CVE-2016-8668The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Q ...
CVE-2016-8667The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulat ...
CVE-2016-8578The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (ak ...
CVE-2016-8577Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Qui ...
CVE-2016-8576The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick E ...
CVE-2016-7995Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in Q ...
CVE-2016-7994Memory leak in the virtio_gpu_resource_create_2d function in hw/displa ...
CVE-2016-7909The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emul ...
CVE-2016-7908The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emul ...
CVE-2016-7907The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emul ...
CVE-2016-7466Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU ...
CVE-2016-7423The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulato ...
CVE-2016-7422The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Qui ...
CVE-2016-7421The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU ...
CVE-2016-7170The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Q ...
CVE-2016-7161Heap-based buffer overflow in the .receive callback of xlnx.xps-ethern ...
CVE-2016-7157The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 func ...
CVE-2016-7156The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (ak ...
CVE-2016-7155hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest O ...
CVE-2016-7116Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick E ...
CVE-2016-6888Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt. ...
CVE-2016-6836The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...
CVE-2016-6835The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in ...
CVE-2016-6834The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in ...
CVE-2016-6833Use-after-free vulnerability in the vmxnet3_io_bar0_write function in ...
CVE-2016-6490The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Qui ...
CVE-2016-6351The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), ...
CVE-2016-5403The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local ...
CVE-2016-5338The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c ...
CVE-2016-5337The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows ...
CVE-2016-5238The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest ...
CVE-2016-5126Heap-based buffer overflow in the iscsi_aio_ioctl function in block/is ...
CVE-2016-5107The megasas_lookup_frame function in QEMU, when built with MegaRAID SA ...
CVE-2016-5106The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, ...
CVE-2016-5105The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when ...
CVE-2016-4964The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Qu ...
CVE-2016-4952QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual S ...
CVE-2016-4454The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU a ...
CVE-2016-4453The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows ...
CVE-2016-4441The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controlle ...
CVE-2016-4439The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Con ...
CVE-2016-4037The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows lo ...
CVE-2016-4020The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not ...
CVE-2016-4002Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in ...
CVE-2016-4001Buffer overflow in the stellaris_enet_receive function in hw/net/stell ...
CVE-2016-3712Integer overflow in the VGA module in QEMU allows local guest OS users ...
CVE-2016-3710The VGA module in QEMU improperly performs bounds checking on banked a ...
CVE-2016-2858QEMU, when built with the Pseudo Random Number Generator (PRNG) back-e ...
CVE-2016-2857The net_checksum_calculate function in net/checksum.c in QEMU allows l ...
CVE-2016-2841The ne2000_receive function in the NE2000 NIC emulation support (hw/ne ...
CVE-2016-2538Multiple integer overflows in the USB Net device emulator (hw/usb/dev- ...
CVE-2016-2392The is_rndis function in the USB Net device emulator (hw/usb/dev-netwo ...
CVE-2016-2391The ohci_bus_start function in the USB OHCI emulation support (hw/usb/ ...
CVE-2016-2198QEMU (aka Quick Emulator) built with the USB EHCI emulation support is ...
CVE-2016-2197QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is ...
CVE-2016-1981QEMU (aka Quick Emulator) built with the e1000 NIC emulation support i ...
CVE-2016-1922QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit W ...
CVE-2016-1714The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg. ...
CVE-2016-1568Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with ...
CVE-2015-8818The cpu_physical_memory_write_rom_internal function in exec.c in QEMU ...
CVE-2015-8745QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8744QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8743QEMU (aka Quick Emulator) built with the NE2000 device emulation suppo ...
CVE-2015-8701QEMU (aka Quick Emulator) built with the Rocker switch emulation suppo ...
CVE-2015-8666Heap-based buffer overflow in QEMU, when built with the Q35-chipset-ba ...
CVE-2015-8619The Human Monitor Interface support in QEMU allows remote attackers to ...
CVE-2015-8613Stack-based buffer overflow in the megasas_ctrl_get_info function in Q ...
CVE-2015-8568Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8567Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause ...
CVE-2015-8558The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows loca ...
CVE-2015-8556Local privilege escalation vulnerability in the Gentoo QEMU package be ...
CVE-2015-8550Xen, when used on a system providing PV backends, allows local guest O ...
CVE-2015-8504Qemu, when built with VNC display driver support, allows remote attack ...
CVE-2015-8345The eepro100 emulator in QEMU qemu-kvm blank allows local guest users ...
CVE-2015-7549The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) a ...
CVE-2015-7512Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEM ...
CVE-2015-7504Heap-based buffer overflow in the pcnet_receive function in hw/net/pcn ...
CVE-2015-7295hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support ...
CVE-2015-6855hw/ide/core.c in QEMU does not properly restrict the commands accepted ...
CVE-2015-6815The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 ...
CVE-2015-5745Buffer overflow in the send_control_msg function in hw/char/virtio-ser ...
CVE-2015-5279Heap-based buffer overflow in the ne2000_receive function in hw/net/ne ...
CVE-2015-5278The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 ...
CVE-2015-5239Integer overflow in the VNC display driver in QEMU before 2.1.0 allows ...
CVE-2015-5225Buffer overflow in the vnc_refresh_server_surface function in the VNC ...
CVE-2015-5166Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not ...
CVE-2015-5165The C+ mode offload emulation in the RTL8139 network card device model ...
CVE-2015-5158Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built ...
CVE-2015-5154Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xe ...
CVE-2015-4106QEMU does not properly restrict write access to the PCI config space f ...
CVE-2015-4105Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through err ...
CVE-2015-4104Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI m ...
CVE-2015-4103Xen 3.3.x through 4.5.x does not properly restrict write access to the ...
CVE-2015-4037The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier create ...
CVE-2015-3456The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and ear ...
CVE-2015-3214The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and Q ...
CVE-2015-3209Heap-based buffer overflow in the PCNET controller in QEMU allows remo ...
CVE-2015-2756QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict a ...
CVE-2015-1779The VNC websocket frame decoder in QEMU allows remote attackers to cau ...
CVE-2014-9718The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in ...
CVE-2014-8106Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirr ...
CVE-2014-7840The host_from_stream_offset function in arch_init.c in QEMU, when load ...
CVE-2014-7815The set_pixel_format function in ui/vnc.c in QEMU allows remote attack ...
CVE-2014-5388Off-by-one error in the pci_read function in the ACPI PCI hotplug inte ...
CVE-2014-5263vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not termina ...
CVE-2014-3689The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local g ...
CVE-2014-3640The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local ...
CVE-2014-3615The VGA emulator in QEMU allows local guest users to read host memory ...
CVE-2014-3471Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emula ...
CVE-2014-3461hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrar ...
CVE-2014-2894Off-by-one error in the cmd_smart function in the smart self test in h ...
CVE-2014-0223Integer overflow in the qcow_open function in block/qcow.c in QEMU bef ...
CVE-2014-0222Integer overflow in the qcow_open function in block/qcow.c in QEMU bef ...
CVE-2014-0182Heap-based buffer overflow in the virtio_load function in hw/virtio/vi ...
CVE-2014-0150Integer overflow in the virtio_net_handle_mac function in hw/net/virti ...
CVE-2014-0148Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to ...
CVE-2014-0147Qemu before 1.6.2 block diver for the various disk image formats used ...
CVE-2014-0146The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 an ...
CVE-2014-0145Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, a ...
CVE-2014-0144QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various ...
CVE-2014-0143Multiple integer overflows in the block drivers in QEMU, possibly befo ...
CVE-2014-0142QEMU, possibly before 2.0.0, allows local users to cause a denial of s ...
CVE-2013-6399Array index error in the virtio_load function in hw/virtio/virtio.c in ...
CVE-2013-4544hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local gu ...
CVE-2013-4542The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU be ...
CVE-2013-4541The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 ...
CVE-2013-4540Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 migh ...
CVE-2013-4539Multiple buffer overflows in the tsc210x_load function in hw/input/tsc ...
CVE-2013-4538Multiple buffer overflows in the ssd0323_load function in hw/display/s ...
CVE-2013-4537The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 al ...
CVE-2013-4536An user able to alter the savevm data (either on the disk or over the ...
CVE-2013-4535The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7 ...
CVE-2013-4534Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remot ...
CVE-2013-4533Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in ...
CVE-2013-4532Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could ...
CVE-2013-4531Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows re ...
CVE-2013-4530Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote a ...
CVE-2013-4529Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remot ...
CVE-2013-4527Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow re ...
CVE-2013-4526Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote at ...
CVE-2013-4377Use-after-free vulnerability in the virtio-pci implementation in Qemu ...
CVE-2013-4375The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4. ...
CVE-2013-4344Buffer overflow in the SCSI implementation in QEMU, as used in Xen, wh ...
CVE-2013-4151The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 a ...
CVE-2013-4150The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 thro ...
CVE-2013-4149Buffer overflow in virtio_net_load function in net/virtio-net.c in QEM ...
CVE-2013-4148Integer signedness error in the virtio_net_load function in hw/net/vir ...
CVE-2013-2231Unquoted Windows search path vulnerability in the QEMU Guest Agent ser ...
CVE-2013-2016A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validat ...
CVE-2013-2007The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when s ...
CVE-2013-1922qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw ...
CVE-2012-6075Buffer overflow in the e1000_receive function in the e1000 device driv ...
CVE-2012-3515Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulat ...
CVE-2012-2652The bdrv_open function in Qemu 1.0 does not properly handle the failur ...
CVE-2011-4111Buffer overflow in the ccid_card_vscard_handle_message function in hw/ ...
CVE-2009-3616Multiple use-after-free vulnerabilities in vnc.c in the VNC server in ...
CVE-2008-5714Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for r ...
CVE-2008-4553qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local ...
CVE-2008-4539Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM ...
CVE-2008-2382The protocol_client_msg function in vnc.c in the VNC server in (1) Qem ...
CVE-2008-2004The drive_init function in QEMU 0.9.1 determines the format of a raw d ...
CVE-2008-1945QEMU 0.9.0 does not properly handle changes to removable media, which ...
CVE-2008-0928Qemu 0.9.1 and earlier does not perform range checks for block device ...
CVE-2007-6227QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating syst ...
CVE-2007-5730Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly ...
CVE-2007-5729The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitr ...
CVE-2007-1366QEMU 0.8.2 allows local users to crash a virtual machine via the divis ...
CVE-2007-1322QEMU 0.8.2 allows local users to halt a virtual machine by executing t ...
CVE-2007-1321Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used ...
CVE-2007-1320Multiple heap-based buffer overflows in the cirrus_invalidate_region f ...

Security announcements

DSA / DLADescription
ELA-1063-1qemu - security update
DLA-3759-1qemu - security update
DLA-3604-1qemu - security update
DLA-3362-1qemu - security update
ELA-705-1qemu - security update
DLA-3099-1qemu - security update
DSA-5133-1qemu - security update
DLA-2970-1qemu - security update
DSA-4980-1qemu - security update
ELA-481-2qemu - regression update
DLA-2753-2qemu - regression update
DLA-2753-1qemu - security update
ELA-481-1qemu - security update
DLA-2623-1qemu - security update
ELA-392-1qemu - security update
DLA-2560-1qemu - security update
ELA-364-1qemu - security update
DLA-2469-1qemu - security update
ELA-321-1qemu - security update
ELA-283-1qemu - security update
DLA-2373-1qemu - security update
DSA-4760-1qemu - security update
ELA-249-1qemu - security update
DLA-2288-1qemu - security update
DSA-4733-1qemu - security update
DSA-4728-1qemu - security update
DLA-2262-1qemu - security update
DSA-4665-1qemu - security update
DLA-2144-1qemu - security update
DSA-4616-1qemu - security update
DLA-2090-1qemu - security update
DSA-4566-1qemu - security update
DLA-1927-1qemu - security update
DSA-4512-1qemu - security update
DSA-4506-1qemu - security update
DSA-4454-2qemu - regression update
DSA-4454-1qemu - security update
DLA-1781-1qemu - security update
DLA-1694-1qemu - security update
DLA-1646-1qemu - security update
DLA-1599-1qemu - security update
DSA-4338-1qemu - security update
DLA-1497-1qemu - security update
DSA-4213-1qemu - security update
DLA-1351-1qemu - security update
DLA-1129-1qemu - security update
DSA-3991-1qemu - security update
DLA-1070-1qemu - security update
DSA-3925-1qemu - security update
DSA-3920-1qemu - security update
DLA-1035-1qemu - security update
DLA-845-1qemu - security update
DLA-764-1qemu - security update
DLA-698-1qemu - security update
DLA-678-1qemu - security update
DLA-652-1qemu - security update
DLA-618-1qemu - security update
DLA-573-1qemu - security update
DLA-540-1qemu - security update
DSA-3573-1qemu - security update
DSA-3471-1qemu - security update
DSA-3469-1qemu - security update
DSA-3361-1qemu - security update
DSA-3348-1qemu - security update
DLA-248-1qemu - security update
DSA-3284-1qemu - security update
DSA-3259-1qemu - security update
DSA-3087-1qemu - security update
DSA-3066-1qemu - security update
DSA-3045-1qemu - security update
DSA-2932-1qemu - security update
DSA-2909-1qemu - security update
DSA-2608-1qemu - buffer overflow
DSA-2545-1qemu - multiple
DSA-1799-1qemu - several vulnerabilities
DSA-1657-1qemu - denial of service
DSA-1284-1qemu

Search for package or bug name: Reporting problems