CVSS: 6.5EPSS: 0%CPEs: 26EXPL: 0CVE-2016-4020 – Qemu: i386: leakage of stack memory to guest in kvmvapic.c
https://notcve.org/view.php?id=CVE-2016-4020
12 May 2016 — The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR). La función patch_instruction en hw/i386/kvmvapic.c en QEMU no inicializa la variable imm32, lo que permite a administradores locales del SO invitado obtener información sensible de la memoria de pila del anfitrión accediendo al Task Priority Register (TPR). An infor... • http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=691a02e2ce0c413236a78dee6f2651c937b09fb0 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 35EXPL: 0CVE-2016-2857 – Qemu: net: out of bounds read in net_checksum_calculate()
https://notcve.org/view.php?id=CVE-2016-2857
08 Apr 2016 — The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet. La función net_checksum_calculate en net/checksum.c en QEMU permite a usuarios del SO invitado provocar una denegación de servicio (lectura de memoria dinámica fuera de rango y caída) a través de una longitud de la carga útil en un paquete manipulado. An out-of-bounds read-access flaw was found in the QEMU emula... • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=362786f14a753d8a5256ef97d7c10ed576d6572b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •