Search CVE reports

Toggle filters

201 – 210 of 478 results

CVE-2017-18030

Low priority
Not affected

The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu Not affected Not affected
qemu-kvm Not in release Not in release
Show less packages

CVE-2018-5683

Low priority
Fixed

The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu Fixed Fixed
qemu-kvm Not in release Not in release
Show less packages

CVE-2017-15124

Low priority

Some fixes available 1 of 4

VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client. If the client did not...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu
qemu-kvm
Show less packages

CVE-2017-5715

High priority

Some fixes available 46 of 56

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

87 affected packages

linux, linux-goldfish, linux-grouper, linux-lts-quantal, linux-lts-raring...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
linux Not affected Not affected Not affected Not affected
linux-goldfish Not in release
linux-grouper Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-aws Not affected Not affected Not affected Not affected
linux-flo Not in release
linux-gke Not affected Not affected Ignored Not in release
linux-hwe Not in release Not in release Not in release Not affected
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release
linux-mako Not in release
linux-manta Not in release
linux-raspi2 Not in release Not in release Ignored Not affected
linux-snapdragon Not in release Not in release Not in release Not affected
amd64-microcode Not affected Not affected Not affected Fixed
firefox Not affected Not affected Not in release Fixed
intel-microcode Not affected Not affected Not affected Not affected
libvirt Not affected Not affected Not affected Not affected
linux-azure Not affected Not affected Not affected Not affected
linux-azure-edge Not in release Not in release Not in release Not affected
linux-euclid Not in release
linux-gcp Not affected Not affected Not affected Not affected
linux-kvm Not in release Not affected Not affected Not affected
linux-oem Not in release Not in release Not in release Not affected
qemu Not affected Not affected Not affected Fixed
linux-hwe-edge Not in release Not in release Not in release Not affected
linux-lts-trusty Not in release
linux-maguro Not in release
qemu-kvm Not in release
webkit2gtk Not affected Not affected Not affected Not affected
linux-hwe-5.4 Not in release Not in release Not in release Not affected
linux-hwe-5.15 Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected
linux-aws-5.15 Not in release Not in release Not affected Not in release
linux-aws-hwe Not in release Not in release Not in release Not in release
linux-azure-4.15 Not in release Not in release Not in release Not affected
linux-azure-5.4 Not in release Not in release Not in release Not affected
linux-azure-5.15 Not in release Not in release Not affected Not in release
linux-azure-fde Not affected Not affected Ignored Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release
linux-bluefield Not in release Not in release Not affected Not in release
linux-fips Not in release Not affected Not affected Not affected
linux-aws-fips Not in release Not affected Not affected Not affected
linux-azure-fips Not in release Not affected Not affected Not affected
linux-gcp-fips Not in release Not affected Not affected Not affected
linux-gcp-4.15 Not in release Not in release Not in release Not affected
linux-gcp-5.4 Not in release Not in release Not in release Not affected
linux-gcp-5.15 Not in release Not in release Not affected Not in release
linux-gkeop Not affected Not affected Not affected Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release
linux-ibm Not affected Not affected Not affected Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected
linux-ibm-5.15 Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release
linux-iot Not in release Not in release Not affected Not in release
linux-intel-iot-realtime Not in release Not affected Not in release Not in release
linux-lowlatency Not affected Not affected Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Not affected
linux-oracle-5.4 Not in release Not in release Not in release Not affected
linux-oracle-5.15 Not in release Not in release Not affected Not in release
linux-oem-6.8 Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected
linux-raspi-realtime Not affected Not in release Not in release Not in release
linux-realtime Not affected Not affected Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release
linux-oem-6.11 Not affected Not in release Not in release Not in release
Show all 87 packages Show less packages

CVE-2017-17381

Low priority

Some fixes available 2 of 3

The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu
qemu-kvm
Show less packages

CVE-2017-15119

Medium priority

Some fixes available 2 of 3

The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu
qemu-kvm
Show less packages

CVE-2017-15118

Medium priority

Some fixes available 1 of 2

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu
qemu-kvm
Show less packages

CVE-2017-16845

Low priority

Some fixes available 3 of 4

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu Fixed
qemu-kvm Not in release
Show less packages

CVE-2017-15289

Low priority

Some fixes available 3 of 4

The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu Not affected Not affected
qemu-kvm Not in release Not in release
Show less packages

CVE-2017-15268

Low priority

Some fixes available 1 of 2

Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
qemu
qemu-kvm
Show less packages
  1. Previous page
  2. 19
  3. 20
  4. 21
  5. 22
  6. 23
  7. Next page
Export to JSON