CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3471 – Gentoo Linux Security Advisory 201412-01
https://notcve.org/view.php?id=CVE-2014-3471
08 Sep 2014 — Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices. Vulnerabilidad de uso de memoria previamente liberada en hw/pci/pcie.c en QEMU (también conocido como Quick Emulator) permite que usuarios invitados locales del sistema operativo provoquen una denegación de servicio (cierre inesperado de la instancia QEMU) mediante las operaciones hotplug y hotu... • http://security.gentoo.org/glsa/glsa-201412-01.xml • CWE-416: Use After Free •
CVSS: 9.8EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4534 – Mandriva Linux Security Advisory 2014-220
https://notcve.org/view.php?id=CVE-2013-4534
08 Sep 2014 — Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements. Desbordamiento de buffer en hw/intc/openpic.c en QEMU anterior a 1.7.2 permite a atacantes remotos causar una denegación de o posiblemente ejecutar código arbitrario a través de vectores relacionados con elementos IRQDest. Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=73d963c0a75cb99c6aaa3f6f25e427aa0b35a02e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 94EXPL: 0CVE-2013-4540 – Mandriva Linux Security Advisory 2014-220
https://notcve.org/view.php?id=CVE-2013-4540
08 Sep 2014 — Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image. Desbordamiento de buffer en scoop_gpio_handler_update en QEMU anterior a 1.7.2 podría permitir a atacantes remotos ejecutar código arbitrario a través de un valor (1) prev_level, (2) gpio_level, o (3) gpio_dir grande en un imagen savevm. Sibiao Luo discovered that QEMU incorrectly handled device hot-unplu... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=52f91c3723932f8340fe36c8ec8b18a757c37b2b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4533 – Mandriva Linux Security Advisory 2014-220
https://notcve.org/view.php?id=CVE-2013-4533
08 Sep 2014 — Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image. Desbordamiento de buffer en la función pxa2xx_ssp_load en hw/arm/pxa2xx.c en QEMU anterior a 1.7.2 permite a atacantes remotos causar una denegación de servicio o posiblemente ejecutar código arbitrario a través de un valor s->rx_level manipulado en un imagen savevm. Sibiao Luo discov... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=caa881abe0e01f9931125a0977ec33c5343e4aa7 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4530 – Mandriva Linux Security Advisory 2014-220
https://notcve.org/view.php?id=CVE-2013-4530
08 Sep 2014 — Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image. Desbordamiento de buffer en hw/ssi/pl022.c en QEMU anterior a 1.7.2 permite a atacantes remotos causar una denegación de servicio o posiblemente ejecutar código arbitrario a través de valores tx_fifo_head y rx_fifo_head manipulados en un imagen savevm. Sibiao Luo discovered that QEMU incorrectly hand... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=d8d0a0bc7e194300e53a346d25fe5724fd588387 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4539 – Mandriva Linux Security Advisory 2014-220
https://notcve.org/view.php?id=CVE-2013-4539
08 Sep 2014 — Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image. Múltiples desbordamientos de buffer en la función tsc210x_load en hw/input/tsc210x.c en QEMU anterior a 1.7.2 podría permitir a atacantes remotos ejecutar código arbitrario a través de un valor (1) precision, (2) nextprecision, (3) function, o (4) next... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=5193be3be35f29a35bc465036cd64ad60d43385f • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 5%CPEs: 92EXPL: 0CVE-2013-4537 – Mandriva Linux Security Advisory 2014-220
https://notcve.org/view.php?id=CVE-2013-4537
08 Sep 2014 — The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image. La función ssi_sd_transfer en hw/sd/ssi-sd.c en QEMU anterior a 1.7.2 permite a atacantes remotos ejecutar código arbitrario a través de un valor arglen manipulado en un imagen savevm. Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service. Michael S. • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=a9c380db3b8c6af19546a68145c8d1438a09c92b • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4538 – Mandriva Linux Security Advisory 2014-220
https://notcve.org/view.php?id=CVE-2013-4538
08 Sep 2014 — Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image. Múltiples desbordamientos de buffer en la función ssd0323_load en hw/display/ssd0323.c en QEMU anterior a 1.7.2 permiten a atacantes remotos causar una denegación d... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ead7a57df37d2187813a121308213f41591bd811 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4526 – Mandriva Linux Security Advisory 2014-220
https://notcve.org/view.php?id=CVE-2013-4526
08 Sep 2014 — Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports. Desbordamiento de buffer en hw/ide/ahci.c en QEMU anterior a 1.7.2 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario a través de vectores relacionados con puertos migrantes. Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibl... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=ae2158ad6ce0845b2fae2a22aa7f19c0d7a71ce5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 93EXPL: 1CVE-2014-0223 – Qemu: qcow1: validate image size to avoid out-of-bounds memory access
https://notcve.org/view.php?id=CVE-2014-0223
23 Jul 2014 — Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read. Desbordamiento de enteros en la función qcow_open en block/qcow.c en QEMU anterior a 1.7.2 permite a usuarios locales causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un tamaño grande de imagen, lo que provoca un ... • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •