qemu (SUSE:Linux Enterprise Server 12) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 package qemu, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (50)
CVE-2016-4002 — CVSS 9.8 (critical): Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets…
CVE-2015-7512 — CVSS 9.0 (critical): Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to…
CVE-2016-3710 — CVSS 8.8 (high): The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to…
CVE-2016-1568 — CVSS 8.8 (high): Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial…
CVE-2016-4001 — CVSS 8.6 (high): Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is…
CVE-2015-1779 — CVSS 8.6 (high): The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1)…
CVE-2016-2857 — CVSS 8.4 (high): The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap…
CVE-2016-1714 — CVSS 8.1 (high): The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration…
CVE-2015-8567 — CVSS 7.7 (high): Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
CVE-2015-3456 — CVSS 7.7 (high): The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service…
CVE-2015-3209 — CVSS 7.5 (high): Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with…
CVE-2015-8619 — CVSS 7.5 (high): The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application…
CVE-2015-6855 — CVSS 7.5 (high): hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of…
CVE-2014-7840 — CVSS 7.5 (high): The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute…
CVE-2015-5279 — CVSS 7.2 (high): Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial…
CVE-2014-3689 — CVSS 7.2 (high): The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via…
CVE-2015-5154 — CVSS 7.2 (high): Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled…
CVE-2016-2538 — CVSS 7.1 (high): Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators…
CVE-2015-8743 — CVSS 7.1 (high): QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w access issue. It could occur while…
CVE-2015-3214 — CVSS 6.9 (medium): The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write…
CVE-2016-4439 — CVSS 6.7 (medium): The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer…
CVE-2015-5239 — CVSS 6.5 (medium): Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a…
CVE-2015-5278 — CVSS 6.5 (medium): The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and…
CVE-2015-5745 — CVSS 6.5 (medium): Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial…
CVE-2015-8345 — CVSS 6.5 (medium): The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop)…
CVE-2015-8504 — CVSS 6.5 (medium): Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and…
CVE-2015-8568 — CVSS 6.5 (medium): Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of…
CVE-2015-8613 — CVSS 6.5 (medium): Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows…
CVE-2016-2858 — CVSS 6.5 (medium): QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service…
CVE-2016-4020 — CVSS 6.5 (medium): The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS…
CVE-2015-7549 — CVSS 6.0 (medium): The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service…
CVE-2016-4037 — CVSS 6.0 (medium): The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite…
CVE-2016-2841 — CVSS 6.0 (medium): The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators…
CVE-2016-4952 — CVSS 6.0 (medium): QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to…
CVE-2016-4441 — CVSS 6.0 (medium): The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which…
CVE-2016-2198 — CVSS 5.5 (medium): QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when…
CVE-2015-8745 — CVSS 5.5 (medium): QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It could occur while…
CVE-2015-8818 — CVSS 5.5 (medium): The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not properly skip MMIO regions, which…
CVE-2015-8558 — CVSS 5.5 (medium): The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop…
CVE-2016-1922 — CVSS 5.5 (medium): QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit Windows guests support is vulnerable to a null pointer dereference…
CVE-2016-1981 — CVSS 5.5 (medium): QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while…
CVE-2016-3712 — CVSS 5.5 (medium): Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process…
CVE-2015-8744 — CVSS 5.5 (medium): QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest…
CVE-2015-8817 — CVSS 5.5 (medium): QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w…
CVE-2015-7295 — CVSS 5.0 (medium): hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported…
CVE-2014-7815 — CVSS 5.0 (medium): The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel…
CVE-2014-9718 — CVSS 4.9 (medium): The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's…
CVE-2014-8106 — CVSS 4.6 (medium): Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute…
CVE-2014-3615 — CVSS 2.1 (low): The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a high resolution.
CVE-2015-4037 — CVSS 1.9 (low): The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to…