CVSS: 3.5EPSS: 1%CPEs: 30EXPL: 0CVE-2015-6815 – Gentoo Linux Security Advisory 201602-01
https://notcve.org/view.php?id=CVE-2015-6815
21 Sep 2015 — The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. La función process_tx_desc en el archivo hw/net/e1000.c en QEMU versiones anteriores a 2.4.0.1, no procesa apropiadamente los datos del descriptor de transmisión cuando se envía un paquete de red, lo que permite a atacantes causar una denegación de se... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 3%CPEs: 13EXPL: 0CVE-2015-6855 – Gentoo Linux Security Advisory 201602-01
https://notcve.org/view.php?id=CVE-2015-6855
21 Sep 2015 — hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_MAX command to an empty drive, which triggers a divide-by-zero error and instance crash. hw/ide/core.c en QEMU no restringe adecuadamente los comandos aceptados por un dispositivo ATAPI, lo que permite a usuarios invitados provocar una denegación de servicio o p... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168602.html • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 1%CPEs: 11EXPL: 0CVE-2015-5278 – Gentoo Linux Security Advisory 201602-01
https://notcve.org/view.php?id=CVE-2015-5278
21 Sep 2015 — The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets. La función ne2000_receive en el archivo hw/net/ne2000.c en QEMU versiones anteriores a 2.4.0.1, permite a atacantes causar una denegación de servicio (bucle infinito y bloqueo de instancia) o posiblemente ejecutar código arbitrario mediante vectores relacionados a la recepción de paq... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 7%CPEs: 1EXPL: 0CVE-2015-5279 – qemu: Heap overflow vulnerability in ne2000_receive() function
https://notcve.org/view.php?id=CVE-2015-5279
21 Sep 2015 — Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets. Desbordamiento de buffer basado en memoria dinámica en la función ne2000_receive en hw/net/ne2000.c en QEMU en versiones anteriores a 2.4.0.1, permite a usuarios invitados del SO provocar una denegación de servicio (caída de la instancia) o posiblemente ejecutar códi... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=7aa2bcad0ca837dd6d4bf4fa38a80314b4a6b755 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2015-5225 – Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface
https://notcve.org/view.php?id=CVE-2015-5225
27 Aug 2015 — Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface. Desbordamiento de buffer en la función vnc_refresh_server_surface en el controlador de pantalla VNC en QEMU en versiones anteriores a 2.4.0.1 permite a usuarios invitados provocar una denegac... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 1CVE-2015-5745 – Ubuntu Security Notice USN-2724-1
https://notcve.org/view.php?id=CVE-2015-5745
27 Aug 2015 — Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message. Un desbordamiento del búfer en la función send_control_msg en el archivo hw/char/virtio-serial-bus.c en QEMU versiones anteriores a 2.4.0, permite a usuarios invitados causar una denegación de servicio (bloqueo del proceso de QEMU) por medio de un mensaje de control de virtio diseñado. It was discovered... • http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-5158 – Ubuntu Security Notice USN-2692-1
https://notcve.org/view.php?id=CVE-2015-5158
29 Jul 2015 — Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance crash) via an invalid opcode in a SCSI command descriptor block. Desbordamiento de buffer basado en pila en hw/scsi/scsi-bus.c en QEMU, cuando se construye con soporte de emulación SCSI-device, permite a usuarios del SO invitado con permisos CAP_SYS_RAWIO provocar una denegación de servicio (caída de instancia) a... • http://www.securityfocus.com/bid/76016 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 15%CPEs: 36EXPL: 0CVE-2015-3209 – qemu: pcnet: multi-tmd buffer overflow in the tx path
https://notcve.org/view.php?id=CVE-2015-3209
10 Jun 2015 — Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. Desbordamiento de buffer basado en memoria dinámica en el controlador PCNET en QEMU permite a atacantes remotos ejecutar código arbitrario mediante el envío de un paquete con el juego TXSTATUS_STARTPACKET y posteriormente un paquete manipulado con el juego TXSTATUS_DEVICEOWNS. A flaw was found in... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2015-4106 – Ubuntu Security Notice USN-2630-1
https://notcve.org/view.php?id=CVE-2015-4106
03 Jun 2015 — QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact via unknown vectors. QEMU no restringe correctamente el acceso a escritura al espacio PCI config para ciertos dispositivos PCI pass-through, lo que podría permitir a invitados x86 HVM locales obtener privilegios, causar una denegación... • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160154.html • CWE-863: Incorrect Authorization •