Search CVE reports
101 – 110 of 470 results
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.
2 affected packages
qemu-kvm, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| qemu | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.
2 affected packages
qemu-kvm, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| qemu | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
Some fixes available 13 of 14
A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse...
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | Fixed | Fixed | Fixed | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-2891
2 affected packages
qemu-kvm, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu-kvm | — | — | Not in release | Not in release |
| qemu | — | — | Not affected | Not affected |
Some fixes available 13 of 14
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | Fixed | Fixed | Fixed | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
Some fixes available 13 of 14
hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | Fixed | Fixed | Fixed | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
Some fixes available 13 of 14
QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | Fixed | Fixed | Fixed | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
Some fixes available 13 of 14
QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.
2 affected packages
qemu, qemu-kvm
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu | Fixed | Fixed | Fixed | Fixed |
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations...
2 affected packages
qemu-kvm, qemu
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| qemu-kvm | Not in release | Not in release | Not in release | Not in release |
| qemu | Vulnerable | Vulnerable | Vulnerable | Not affected |