CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-5263 – Gentoo Linux Security Advisory 201412-01
https://notcve.org/view.php?id=CVE-2014-5263
26 Aug 2014 — vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not terminate the list with the VMSTATE_END_OF_LIST macro, which allows attackers to cause a denial of service (out-of-bounds access, infinite loop, and memory corruption) and possibly gain privileges via unspecified vectors. vmstate_xhci_event en hw/usb/hcd-xhci.c en QEMU 1.6.0 no termina la lista con la macro VMSTATE_END_OF_LIST, lo que permite a atacantes causar una denegación de servicio (acceso fuera de rango, bucle infinito, y corrupción de me... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=3afca1d6d413592c2b78cf28f52fa24a586d8f56 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 4%CPEs: 21EXPL: 0CVE-2013-4149 – qemu: virtio-net: out-of-bounds buffer write on load
https://notcve.org/view.php?id=CVE-2013-4149
23 Jul 2014 — Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table. Desbordamiento de buffer en la función virtio_net_load en net/virtio-net.c en QEMU 1.3.0 hasta 1.7.x anterior a 1.7.2 podría permitir a atacantes remotos ejecutar código arbitrario a través de una tabla MAC grande. Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this fl... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=98f93ddd84800f207889491e0b5d851386b459cf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 14EXPL: 0CVE-2013-4150 – qemu: virtio-net: out-of-bounds buffer write on invalid state load
https://notcve.org/view.php?id=CVE-2013-4150
23 Jul 2014 — The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is greater than max_queues, which triggers an out-of-bounds write. La función virtio_net_load en hw/net/virtio-net.c en QEMU 1.5.0 hasta 1.7.x anterior a 1.7.2 permite a atacantes remotos causar una denegación de servicio o posiblemente ejecutar código arbitrario a través de vectores ... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=eea750a5623ddac7a61982eec8f1c93481857578 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 4%CPEs: 92EXPL: 0CVE-2013-4527 – qemu: hpet: buffer overrun on invalid state load
https://notcve.org/view.php?id=CVE-2013-4527
23 Jul 2014 — Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers. Desbordamiento de buffer en hw/timer/hpet.c en QEMU anterior a 1.7.2 podría permitir a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con el número de temporizadores. Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service. Michael S.... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=3f1c49e2136fa08ab1ef3183fd55def308829584 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 92EXPL: 0CVE-2013-4529 – qemu: hw/pci/pcie_aer.c: buffer overrun on invalid state load
https://notcve.org/view.php?id=CVE-2013-4529
23 Jul 2014 — Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image. Desbordamiento de buffer en hw/pci/pcie_aer.c en QEMU anterior a 1.7.2 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario a través de un valor log_num grande en un imagen savevm. Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user ... • http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 93EXPL: 1CVE-2014-0222 – Qemu: qcow1: validate L2 table size to avoid integer overflows
https://notcve.org/view.php?id=CVE-2014-0222
23 Jul 2014 — Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image. Desbordamiento de enteros en la función qcow_open en block/qcow.c en QEMU anterior a 1.7.2 permite a atacantes remotos causara una denegación de servicio (caída) a través de una tabla L2 grande en un imagen QCOW versión 1. An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user a... • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 7.8EPSS: 0%CPEs: 93EXPL: 1CVE-2014-0223 – Qemu: qcow1: validate image size to avoid out-of-bounds memory access
https://notcve.org/view.php?id=CVE-2014-0223
23 Jul 2014 — Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read. Desbordamiento de enteros en la función qcow_open en block/qcow.c en QEMU anterior a 1.7.2 permite a usuarios locales causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un tamaño grande de imagen, lo que provoca un ... • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 7.2EPSS: 3%CPEs: 1EXPL: 0CVE-2014-3461 – Qemu: usb: fix up post load checks
https://notcve.org/view.php?id=CVE-2014-3461
11 Jun 2014 — hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks." hw/usb/bus.c en QEMU 1.6.2 permite a atacantes remotos ejecutar código arbitrario a través de datos savevm manipulados, lo que provoca un desbordamiento de buffer basado en memoria dinámica, relacionado con 'comprobaciones de cargas de correo de USB.' Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A l... • http://article.gmane.org/gmane.comp.emulators.qemu/272092 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 3%CPEs: 27EXPL: 0CVE-2013-4148 – qemu: virtio-net: buffer overflow on invalid state load
https://notcve.org/view.php?id=CVE-2013-4148
11 Jun 2014 — Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow. Error de signo de enteros en la función virtio_net_load en hw/net/virtio-net.c en QEMU 1.x anterior a 1.7.2 permite a atacantes remotos ejecutar código arbitrario a través de un imagen savevm manipulado, lo que provoca un desbordamiento de buffer. Sibiao Luo discovered that QEMU incorrectly han... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=71f7fe48e10a8437c9d42d859389f37157f59980 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 0CVE-2013-4151 – qemu: virtio: out-of-bounds buffer write on invalid state load
https://notcve.org/view.php?id=CVE-2013-4151
11 Jun 2014 — The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write. La función virtio_load en virtio/virtio.c en QEMU 1.x anterior a 1.7.2 permite a atacantes remotos ejecutar código arbitrario a través de un imagen savevm manipulado, lo que provoca una escritura fuera de rango. Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this fl... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=cc45995294b92d95319b4782750a3580cabdbc0c • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-787: Out-of-bounds Write •