CVSS: 6.0EPSS: 0%CPEs: 3EXPL: 0CVE-2021-3608 – Ubuntu Security Notice USN-5010-1
https://notcve.org/view.php?id=CVE-2021-3608
15 Jul 2021 — A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions prior to 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of an uninitialized pointer. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo en la implementación de QEMU del dispositivo RDMA paravirtual de VMWare en versiones anteriores a 6.1.0. El problema es pro... • https://bugzilla.redhat.com/show_bug.cgi?id=1973383 • CWE-824: Access of Uninitialized Pointer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27661
https://notcve.org/view.php?id=CVE-2020-27661
02 Jun 2021 — A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service. Se encontró un problema de división por cero en la función dwc2_handle_packet en el archivo hw/usb/hcd-dwc2.c en la emulación del controlador de host USB hcd-dwc2 de QEMU. Un huésped malicioso podría utilizar este fallo para bloquear el proceso de QEMU en el host, resul... • https://bugzilla.redhat.com/show_bug.cgi?id=1890653 • CWE-369: Divide By Zero •
CVSS: 8.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3546 – Debian Security Advisory 4980-1
https://notcve.org/view.php?id=CVE-2021-3546
02 Jun 2021 — An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition, or potential code execution with the privileges of the QEMU process. Se ha encontrado una vulnerabilidad de escritura fuera de límites en el dispositivo GPU... • http://www.openwall.com/lists/oss-security/2021/05/31/1 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3545 – Debian Security Advisory 4980-1
https://notcve.org/view.php?id=CVE-2021-3545
02 Jun 2021 — An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the host. Se ha encontrado una vulnerabilidad de divulgación de información en el dispositivo GPU virtio vhost-user (vhost-user-gpu) de QEMU en las versiones hasta... • http://www.openwall.com/lists/oss-security/2021/05/31/1 • CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3544 – Debian Security Advisory 4980-1
https://notcve.org/view.php?id=CVE-2021-3544
02 Jun 2021 — Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime. Se han encontrado varias pérdidas de memoria en el dispositivo virtio vhost-user GPU (vhost-user-gpu) de QEMU en las versiones hasta la 6.0 incluyéndola. Se presentan en los archivos contrib/vhost-user-gpu/vhost-user-gpu... • http://www.openwall.com/lists/oss-security/2021/05/31/1 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-35503
https://notcve.org/view.php?id=CVE-2020-35503
02 Jun 2021 — A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. This issue occurs in the megasas_command_cancelled() callback function while dropping a SCSI request. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo de desreferencia del puntero NULL en la emulación megasas-ge... • https://bugzilla.redhat.com/show_bug.cgi?id=1910346 • CWE-476: NULL Pointer Dereference •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2020-35506 – Gentoo Linux Security Advisory 202208-27
https://notcve.org/view.php?id=CVE-2020-35506
28 May 2021 — A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0 during the handling of the 'Information Transfer' command (CMD_TI). This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service or potential code execution with the privileges of the QEMU process. Se encontró una vulnerabilidad de uso de memoria previamente liberada en la emulación del adaptador bus de host SCSI am53c974 de QEMU en ver... • http://www.openwall.com/lists/oss-security/2021/04/16/3 • CWE-416: Use After Free •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2020-35505 – Ubuntu Security Notice USN-5010-1
https://notcve.org/view.php?id=CVE-2020-35505
28 May 2021 — A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo de desreferencia del puntero NULL en la emulación del adaptador de bus de host SCSI am53c974 de QEMU en versiones ... • http://www.openwall.com/lists/oss-security/2021/04/16/3 • CWE-476: NULL Pointer Dereference •
CVSS: 6.0EPSS: 0%CPEs: 3EXPL: 0CVE-2020-35504 – Gentoo Linux Security Advisory 202208-27
https://notcve.org/view.php?id=CVE-2020-35504
28 May 2021 — A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo de desreferencia del puntero NULL en el soporte de emulación SCSI de QEMU en versiones anteriores a 6.0.0. Este fallo permite a un usuario invitado privilegiado bloquear el proceso QEMU en el host... • http://www.openwall.com/lists/oss-security/2021/04/16/3 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3527 – Ubuntu Security Notice USN-5010-1
https://notcve.org/view.php?id=CVE-2021-3527
26 May 2021 — A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack, resul... • https://bugzilla.redhat.com/show_bug.cgi?id=1955695 • CWE-770: Allocation of Resources Without Limits or Throttling •