Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

131 – 140 of 466 results

CVE-2020-10702

Low priority
Fixed

A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Fixed Not affected Not affected
qemu-kvm Not in release Not in release Not in release
Show less packages

CVE-2020-11102

Medium priority
Not affected

hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Not affected Not affected
qemu-kvm Not in release Not in release
Show less packages

CVE-2019-15034

Low priority
Fixed

hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Not affected Not affected Not affected
qemu-kvm Not in release Not in release Not in release
Show less packages

CVE-2019-20382

Low priority
Fixed

QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd.

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Not affected Not affected Not affected Fixed Fixed
qemu-kvm Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-1711

Medium priority

Some fixes available 13 of 14

An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Fixed Fixed Fixed Fixed Fixed
qemu-kvm Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-8608

Medium priority

Some fixes available 17 of 30

In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.

5 affected packages

libslirp, qemu, qemu-kvm, slirp, slirp4netns

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libslirp Fixed Fixed Fixed Not in release Not in release
qemu Not affected Not affected Not affected Fixed Fixed
qemu-kvm Not in release Not in release Not in release Not in release Not in release
slirp Vulnerable Vulnerable Vulnerable Fixed Fixed
slirp4netns Not affected Not affected Needs evaluation Not in release Not in release
Show less packages

CVE-2020-7211

Medium priority
Ignored

tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.

3 affected packages

libslirp, qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libslirp Not in release Not in release
qemu Not affected Not affected
qemu-kvm Not in release Not in release
Show less packages

CVE-2020-7039

Medium priority

Some fixes available 7 of 10

tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS...

4 affected packages

libslirp, qemu, qemu-kvm, slirp

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libslirp Not affected Not affected Not affected Not in release Not in release
qemu Not affected Not affected Not affected Fixed Fixed
qemu-kvm Not in release Not in release Not in release Not in release Not in release
slirp Not affected Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-20175

Negligible priority
Ignored

** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide/core.c in QEMU 2.4.0 through 4.2.0. The guest system can crash the QEMU process in the host system via a special SCSI_IOCTL_SEND_COMMAND. It hits an assertion that...

2 affected packages

qemu, qemu-kvm

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
qemu Not affected Not affected
qemu-kvm Not in release Not in release
Show less packages

CVE-2013-2016

Low priority
Ignored

A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged...

6 affected packages

kvm, qemu, qemu-kvm, xen-3.1, xen-3.2, xen-3.3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
kvm
qemu
qemu-kvm
xen-3.1
xen-3.2
xen-3.3
Show less packages
  1. Previous page
  2. 12
  3. 13
  4. 14
  5. 15
  6. 16
  7. Next page
Export to JSON