CVSS: 7.5EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4533
https://notcve.org/view.php?id=CVE-2013-4533
Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image. Desbordamiento de buffer en la función pxa2xx_ssp_load en hw/arm/pxa2xx.c en QEMU anterior a 1.7.2 permite a atacantes remotos causar una denegación de servicio o posiblemente ejecutar código arbitrario a través de un valor s->rx_level manipulado en un imagen savevm. • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=caa881abe0e01f9931125a0977ec33c5343e4aa7 http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4529 – qemu: hw/pci/pcie_aer.c: buffer overrun on invalid state load
https://notcve.org/view.php?id=CVE-2013-4529
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image. Desbordamiento de buffer en hw/pci/pcie_aer.c en QEMU anterior a 1.7.2 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario a través de un valor log_num grande en un imagen savevm. • http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html http://rhn.redhat.com/errata/RHSA-2014-0927.html https://access.redhat.com/security/cve/CVE-2013-4529 https://bugzilla.redhat.com/show_bug.cgi?id=1066353 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 6%CPEs: 92EXPL: 0CVE-2013-4527 – qemu: hpet: buffer overrun on invalid state load
https://notcve.org/view.php?id=CVE-2013-4527
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers. Desbordamiento de buffer en hw/timer/hpet.c en QEMU anterior a 1.7.2 podría permitir a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con el número de temporizadores. • http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=3f1c49e2136fa08ab1ef3183fd55def308829584 http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html http://rhn.redhat.com/errata/RHSA-2014-0927.html https://access.redhat.com/security/cve/CVE-2013-4527 https://bugzilla.redhat.com/show_bug.cgi?id=1066347 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 93EXPL: 1CVE-2014-0222 – Qemu: qcow1: validate L2 table size to avoid integer overflows
https://notcve.org/view.php?id=CVE-2014-0222
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image. Desbordamiento de enteros en la función qcow_open en block/qcow.c en QEMU anterior a 1.7.2 permite a atacantes remotos causara una denegación de servicio (caída) a través de una tabla L2 grande en un imagen QCOW versión 1. An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html http://www.debian.org/security/2014/dsa-3044 http://www.securityfocus.com/bid/67357 https://lists.gnu.org/archive/html/qemu • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •
CVSS: 4.6EPSS: 0%CPEs: 93EXPL: 1CVE-2014-0223 – Qemu: qcow1: validate image size to avoid out-of-bounds memory access
https://notcve.org/view.php?id=CVE-2014-0223
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read. Desbordamiento de enteros en la función qcow_open en block/qcow.c en QEMU anterior a 1.7.2 permite a usuarios locales causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un tamaño grande de imagen, lo que provoca un desbordamiento de buffer o una lectura fuera de rango. An integer overflow flaw was found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html http://www.debian.org/security/2014/dsa-3044 http://www.securityfocus.com/bid/67391 https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02156.html https://access.redhat.com/security/cve/CVE-2014-0223 https://bugzilla.redhat.com/show_bug.cgi?id=1097222 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-189: Numeric Errors •