Information on source package qemu

Available versions

ReleaseVersion
jessie1:2.1+dfsg-12+deb8u6
jessie (security)1:2.1+dfsg-12+deb8u11
stretch1:2.8+dfsg-6+deb9u5
stretch (security)1:2.8+dfsg-6+deb9u7
buster1:3.1+dfsg-8~deb10u1
bullseye1:3.1+dfsg-8
sid1:3.1+dfsg-8

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-8934vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerablehw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure becau ...
CVE-2019-5008fixedvulnerable (no DSA, ignored)fixedfixedfixedhw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dere ...
CVE-2019-14378vulnerablevulnerablevulnerablevulnerablevulnerableip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overf ...
CVE-2019-13164vulnerablevulnerablevulnerable (no DSA, postponed)vulnerablevulnerableqemu-bridge-helper.c in QEMU 4.0.0 does not ensure that a network inte ...
CVE-2019-12155vulnerablefixedfixedfixedfixedinterface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NUL ...
CVE-2019-12068vulnerablevulnerablevulnerablevulnerablevulnerablescsi: lsi: exit infinite loop while executing script
CVE-2019-12067vulnerablevulnerablevulnerablevulnerablevulnerableide: ahci: add check to avoid null dereference
CVE-2018-20815fixedvulnerablefixedfixedfixedIn QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated ...
CVE-2018-19665vulnerable (no DSA, postponed)vulnerable (no DSA, ignored)fixedfixedfixedThe Bluetooth subsystem in QEMU mishandles negative values for length ...
CVE-2018-18438vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedfixedQemu has integer overflows because IOReadHandler and its associated fu ...
CVE-2018-15746vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedqemu-seccomp.c in QEMU might allow local OS guest users to cause a den ...
CVE-2017-9503fixedvulnerable (no DSA, ignored)fixedfixedfixedQEMU (aka Quick Emulator), when built with MegaRAID SAS 8708EM2 Host B ...
CVE-2017-9375vulnerable (no DSA)fixedfixedfixedfixedQEMU (aka Quick Emulator), when built with USB xHCI controller emulato ...
CVE-2017-15124vulnerable (no DSA, postponed)fixedfixedfixedfixedVNC server implementation in Quick Emulator (QEMU) 2.11.0 and older wa ...
CVE-2017-13672vulnerable (no DSA)fixedfixedfixedfixedQEMU (aka Quick Emulator), when built with the VGA display emulator su ...
CVE-2017-11334vulnerable (no DSA)fixedfixedfixedfixedThe address_space_write_continue function in exec.c in QEMU (aka Quick ...
CVE-2016-9923vulnerable (no DSA, ignored)fixedfixedfixedfixedQuick Emulator (Qemu) built with the 'chardev' backend support is vuln ...
CVE-2016-5403vulnerable (no DSA)fixedfixedfixedfixedThe virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local ...
CVE-2016-5126vulnerable (no DSA)fixedfixedfixedfixedHeap-based buffer overflow in the iscsi_aio_ioctl function in block/is ...
CVE-2015-8817vulnerable (no DSA, ignored)fixedfixedfixedfixedQEMU (aka Quick Emulator) built to use 'address_space_translate' to ma ...

Open unimportant issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-12929vulnerablevulnerablevulnerablevulnerablevulnerable** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is ...
CVE-2019-12928vulnerablevulnerablevulnerablevulnerablevulnerable** DISPUTED ** The QMP migrate command in QEMU version 4.0.0 and earli ...
CVE-2019-12247vulnerablevulnerablevulnerablevulnerablevulnerable** DISPUTED ** QEMU 3.0.0 has an Integer Overflow because the qga/comm ...
CVE-2018-20216fixedfixedvulnerablevulnerablevulnerableQEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c becaus ...
CVE-2018-20191fixedfixedvulnerablevulnerablevulnerablehw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation ...
CVE-2018-20126fixedfixedvulnerablevulnerablevulnerablehw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory ...
CVE-2018-20125fixedfixedvulnerablevulnerablevulnerablehw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of ...
CVE-2018-20124fixedfixedvulnerablevulnerablevulnerablehw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of ...
CVE-2018-20123fixedfixedvulnerablevulnerablevulnerablepvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak ...
CVE-2017-9060fixedvulnerablefixedfixedfixedMemory leak in the virtio_gpu_set_scanout function in hw/display/virti ...
CVE-2017-8284vulnerablevulnerablefixedfixedfixed** DISPUTED ** The disas_insn function in target/i386/translate.c in Q ...
CVE-2017-5578fixedvulnerablefixedfixedfixedMemory leak in the virtio_gpu_resource_attach_backing function in hw/d ...
CVE-2017-5552fixedvulnerablefixedfixedfixedMemory leak in the virgl_resource_attach_backing function in hw/displa ...
CVE-2016-10028fixedvulnerablefixedfixedfixedThe virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEM ...

Resolved issues

BugDescription
CVE-2019-9824tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 u ...
CVE-2019-6778In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer ove ...
CVE-2019-6501In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allow ...
CVE-2019-3812QEMU, through version 2.10 and through version 3.1.0, is vulnerable to ...
CVE-2018-7858Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Em ...
CVE-2018-7550The load_multiboot function in hw/i386/multiboot.c in Quick Emulator ( ...
CVE-2018-5683The vga_draw_text function in Qemu allows local OS guest privileged us ...
CVE-2018-19489v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a de ...
CVE-2018-19364hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while ...
CVE-2018-18954The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 al ...
CVE-2018-18849In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-boun ...
CVE-2018-17963qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes grea ...
CVE-2018-17962Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because ...
CVE-2018-17958Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c b ...
CVE-2018-16872A flaw was found in qemu Media Transfer Protocol (MTP). The code openi ...
CVE-2018-16867A flaw was found in qemu Media Transfer Protocol (MTP) before version ...
CVE-2018-16847An OOB heap buffer r/w access issue was found in the NVM Express Contr ...
CVE-2018-12617qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c i ...
CVE-2018-11806m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via inc ...
CVE-2018-10839Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support ...
CVE-2017-9524The qemu-nbd server in QEMU (aka Quick Emulator), when built with the ...
CVE-2017-9374Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emu ...
CVE-2017-9373Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emu ...
CVE-2017-9330QEMU (aka Quick Emulator) before 2.9.0, when built with the USB OHCI E ...
CVE-2017-9310QEMU (aka Quick Emulator), when built with the e1000e NIC emulation su ...
CVE-2017-8380Buffer overflow in the "megasas_mmio_write" function in Qemu 2.9.0 all ...
CVE-2017-8379Memory leak in the keyboard input event handlers support in QEMU (aka ...
CVE-2017-8309Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows r ...
CVE-2017-8112hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest O ...
CVE-2017-8086Memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c in Q ...
CVE-2017-7980Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick E ...
CVE-2017-7718hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local ...
CVE-2017-7539An assertion-failure flaw was found in Qemu before 2.10.1, in the Netw ...
CVE-2017-7493Quick Emulator (Qemu) built with the VirtFS, host directory sharing vi ...
CVE-2017-7471Quick Emulator (Qemu) built with the VirtFS, host directory sharing vi ...
CVE-2017-7377The (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in ...
CVE-2017-6505The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Qu ...
CVE-2017-6058Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU ( ...
CVE-2017-5987The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...
CVE-2017-5973The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick E ...
CVE-2017-5931Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emula ...
CVE-2017-5898Integer overflow in the emulated_apdu_from_guest function in usb/dev-s ...
CVE-2017-5857Memory leak in the virgl_cmd_resource_unref function in hw/display/vir ...
CVE-2017-5856Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c i ...
CVE-2017-5715Systems with microprocessors utilizing speculative execution and indir ...
CVE-2017-5667The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...
CVE-2017-5579Memory leak in the serial_exit_core function in hw/char/serial.c in QE ...
CVE-2017-5526Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows l ...
CVE-2017-5525Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows loc ...
CVE-2017-2633An out-of-bounds memory access issue was found in Quick Emulator (QEMU ...
CVE-2017-2630A stack buffer overflow flaw was found in the Quick Emulator (QEMU) be ...
CVE-2017-2620Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA E ...
CVE-2017-2615Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator sup ...
CVE-2017-18043Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) ...
CVE-2017-18030The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qe ...
CVE-2017-17381The Virtio Vring implementation in QEMU allows local OS guest users to ...
CVE-2017-16845hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values dur ...
CVE-2017-15289The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow ...
CVE-2017-15268Qemu through 2.10.0 allows remote attackers to cause a memory leak by ...
CVE-2017-15119The Network Block Device (NBD) server in Quick Emulator (QEMU) before ...
CVE-2017-15118A stack-based buffer overflow vulnerability was found in NBD server im ...
CVE-2017-15038Race condition in the v9fs_xattrwalk function in hw/9pfs/9p.c in QEMU ...
CVE-2017-14167Integer overflow in the load_multiboot function in hw/i386/multiboot.c ...
CVE-2017-13711Use-after-free vulnerability in the sofree function in slirp/socket.c ...
CVE-2017-13673The vga display update in mis-calculated the region for the dirty bitm ...
CVE-2017-12809QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM ...
CVE-2017-11434The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) ...
CVE-2017-10911The make_response function in drivers/block/xen-blkback/blkback.c in t ...
CVE-2017-10806Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Em ...
CVE-2017-10664qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which a ...
CVE-2016-9922The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Qu ...
CVE-2016-9921Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator sup ...
CVE-2016-9916Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows ...
CVE-2016-9915Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows ...
CVE-2016-9914Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local ...
CVE-2016-9913Memory leak in the v9fs_device_unrealize_common function in hw/9pfs/9p ...
CVE-2016-9912Quick Emulator (Qemu) built with the Virtio GPU Device emulator suppor ...
CVE-2016-9911Quick Emulator (Qemu) built with the USB EHCI Emulation support is vul ...
CVE-2016-9908Quick Emulator (Qemu) built with the Virtio GPU Device emulator suppor ...
CVE-2016-9907Quick Emulator (Qemu) built with the USB redirector usb-guest support ...
CVE-2016-9846QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator su ...
CVE-2016-9845QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator su ...
CVE-2016-9776QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Contro ...
CVE-2016-9637The (1) ioport_read and (2) ioport_write functions in Xen, when qemu i ...
CVE-2016-9603A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA e ...
CVE-2016-9602Qemu before version 2.9 is vulnerable to an improper link following wh ...
CVE-2016-9106Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Qu ...
CVE-2016-9105Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Qui ...
CVE-2016-9104Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xat ...
CVE-2016-9103The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emula ...
CVE-2016-9102Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU ( ...
CVE-2016-9101Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows l ...
CVE-2016-8910The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Q ...
CVE-2016-8909The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick ...
CVE-2016-8669The serial_update_parameters function in hw/char/serial.c in QEMU (aka ...
CVE-2016-8668The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Q ...
CVE-2016-8667The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulat ...
CVE-2016-8578The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (ak ...
CVE-2016-8577Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Qui ...
CVE-2016-8576The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick E ...
CVE-2016-7995Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in Q ...
CVE-2016-7994Memory leak in the virtio_gpu_resource_create_2d function in hw/displa ...
CVE-2016-7909The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emul ...
CVE-2016-7908The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emul ...
CVE-2016-7907The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emul ...
CVE-2016-7466Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU ...
CVE-2016-7423The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulato ...
CVE-2016-7422The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Qui ...
CVE-2016-7421The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU ...
CVE-2016-7170The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka Q ...
CVE-2016-7161Heap-based buffer overflow in the .receive callback of xlnx.xps-ethern ...
CVE-2016-7157The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 func ...
CVE-2016-7156The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (ak ...
CVE-2016-7155hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest O ...
CVE-2016-7116Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick E ...
CVE-2016-6888Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt. ...
CVE-2016-6836The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...
CVE-2016-6835The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in ...
CVE-2016-6834The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in ...
CVE-2016-6833Use-after-free vulnerability in the vmxnet3_io_bar0_write function in ...
CVE-2016-6490The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Qui ...
CVE-2016-6351The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), ...
CVE-2016-5338The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c ...
CVE-2016-5337The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows ...
CVE-2016-5238The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest ...
CVE-2016-5107The megasas_lookup_frame function in QEMU, when built with MegaRAID SA ...
CVE-2016-5106The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, ...
CVE-2016-5105The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when ...
CVE-2016-4964The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Qu ...
CVE-2016-4952QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual S ...
CVE-2016-4454The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU a ...
CVE-2016-4453The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows ...
CVE-2016-4441The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controlle ...
CVE-2016-4439The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Con ...
CVE-2016-4037The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows lo ...
CVE-2016-4020The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not ...
CVE-2016-4002Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in ...
CVE-2016-4001Buffer overflow in the stellaris_enet_receive function in hw/net/stell ...
CVE-2016-3712Integer overflow in the VGA module in QEMU allows local guest OS users ...
CVE-2016-3710The VGA module in QEMU improperly performs bounds checking on banked a ...
CVE-2016-2858QEMU, when built with the Pseudo Random Number Generator (PRNG) back-e ...
CVE-2016-2857The net_checksum_calculate function in net/checksum.c in QEMU allows l ...
CVE-2016-2841The ne2000_receive function in the NE2000 NIC emulation support (hw/ne ...
CVE-2016-2538Multiple integer overflows in the USB Net device emulator (hw/usb/dev- ...
CVE-2016-2392The is_rndis function in the USB Net device emulator (hw/usb/dev-netwo ...
CVE-2016-2391The ohci_bus_start function in the USB OHCI emulation support (hw/usb/ ...
CVE-2016-2198QEMU (aka Quick Emulator) built with the USB EHCI emulation support is ...
CVE-2016-2197QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is ...
CVE-2016-1981QEMU (aka Quick Emulator) built with the e1000 NIC emulation support i ...
CVE-2016-1922QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit W ...
CVE-2016-1714The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg. ...
CVE-2016-1568Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with ...
CVE-2016-10155Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) ...
CVE-2016-10029The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built ...
CVE-2015-8818The cpu_physical_memory_write_rom_internal function in exec.c in QEMU ...
CVE-2015-8745QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8744QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8743QEMU (aka Quick Emulator) built with the NE2000 device emulation suppo ...
CVE-2015-8701QEMU (aka Quick Emulator) built with the Rocker switch emulation suppo ...
CVE-2015-8666Heap-based buffer overflow in QEMU, when built with the Q35-chipset-ba ...
CVE-2015-8619The Human Monitor Interface support in QEMU allows remote attackers to ...
CVE-2015-8613Stack-based buffer overflow in the megasas_ctrl_get_info function in Q ...
CVE-2015-8568Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8567Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause ...
CVE-2015-8558The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows loca ...
CVE-2015-8556Local privilege escalation vulnerability in the Gentoo QEMU package be ...
CVE-2015-8550Xen, when used on a system providing PV backends, allows local guest O ...
CVE-2015-8504Qemu, when built with VNC display driver support, allows remote attack ...
CVE-2015-8345The eepro100 emulator in QEMU qemu-kvm blank allows local guest users ...
CVE-2015-7549The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) a ...
CVE-2015-7512Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEM ...
CVE-2015-7504Heap-based buffer overflow in the pcnet_receive function in hw/net/pcn ...
CVE-2015-7295hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support ...
CVE-2015-6855hw/ide/core.c in QEMU does not properly restrict the commands accepted ...
CVE-2015-6815Qemu: net: e1000 infinite loop issue
CVE-2015-5745buffer overflow in virtio-serial
CVE-2015-5279Heap-based buffer overflow in the ne2000_receive function in hw/net/ne ...
CVE-2015-5278net: avoid infinite loop when receiving packets
CVE-2015-5239Integer overflow in vnc_client_read() and protocol_client_msg()
CVE-2015-5225Buffer overflow in the vnc_refresh_server_surface function in the VNC ...
CVE-2015-5166Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not ...
CVE-2015-5165The C+ mode offload emulation in the RTL8139 network card device model ...
CVE-2015-5158Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built ...
CVE-2015-5154Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xe ...
CVE-2015-4106QEMU does not properly restrict write access to the PCI config space f ...
CVE-2015-4105Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through err ...
CVE-2015-4104Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI m ...
CVE-2015-4103Xen 3.3.x through 4.5.x does not properly restrict write access to the ...
CVE-2015-4037The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier create ...
CVE-2015-3456The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and ear ...
CVE-2015-3214The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and Q ...
CVE-2015-3209Heap-based buffer overflow in the PCNET controller in QEMU allows remo ...
CVE-2015-2756QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict a ...
CVE-2015-1779The VNC websocket frame decoder in QEMU allows remote attackers to cau ...
CVE-2014-9718The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in ...
CVE-2014-8106Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirr ...
CVE-2014-7840The host_from_stream_offset function in arch_init.c in QEMU, when load ...
CVE-2014-7815The set_pixel_format function in ui/vnc.c in QEMU allows remote attack ...
CVE-2014-5388Off-by-one error in the pci_read function in the ACPI PCI hotplug inte ...
CVE-2014-5263vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not termina ...
CVE-2014-3689The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local g ...
CVE-2014-3640The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local ...
CVE-2014-3615The VGA emulator in QEMU allows local guest users to read host memory ...
CVE-2014-3471Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emula ...
CVE-2014-3461hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrar ...
CVE-2014-2894Off-by-one error in the cmd_smart function in the smart self test in h ...
CVE-2014-0223Integer overflow in the qcow_open function in block/qcow.c in QEMU bef ...
CVE-2014-0222Integer overflow in the qcow_open function in block/qcow.c in QEMU bef ...
CVE-2014-0182Heap-based buffer overflow in the virtio_load function in hw/virtio/vi ...
CVE-2014-0150Integer overflow in the virtio_net_handle_mac function in hw/net/virti ...
CVE-2014-0148
CVE-2014-0147
CVE-2014-0146The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 an ...
CVE-2014-0145Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, a ...
CVE-2014-0144
CVE-2014-0143Multiple integer overflows in the block drivers in QEMU, possibly befo ...
CVE-2014-0142QEMU, possibly before 2.0.0, allows local users to cause a denial of s ...
CVE-2013-6399Array index error in the virtio_load function in hw/virtio/virtio.c in ...
CVE-2013-4544hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local gu ...
CVE-2013-4542The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU be ...
CVE-2013-4541The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 ...
CVE-2013-4540Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 migh ...
CVE-2013-4539Multiple buffer overflows in the tsc210x_load function in hw/input/tsc ...
CVE-2013-4538Multiple buffer overflows in the ssd0323_load function in hw/display/s ...
CVE-2013-4537The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 al ...
CVE-2013-4536
CVE-2013-4535
CVE-2013-4534Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remot ...
CVE-2013-4533Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in ...
CVE-2013-4532
CVE-2013-4531Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows re ...
CVE-2013-4530Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote a ...
CVE-2013-4529Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remot ...
CVE-2013-4527Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow re ...
CVE-2013-4526Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote at ...
CVE-2013-4377Use-after-free vulnerability in the virtio-pci implementation in Qemu ...
CVE-2013-4375The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4. ...
CVE-2013-4344Buffer overflow in the SCSI implementation in QEMU, as used in Xen, wh ...
CVE-2013-4151The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 a ...
CVE-2013-4150The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 thro ...
CVE-2013-4149Buffer overflow in virtio_net_load function in net/virtio-net.c in QEM ...
CVE-2013-4148Integer signedness error in the virtio_net_load function in hw/net/vir ...
CVE-2013-2231Unquoted Windows search path vulnerability in the QEMU Guest Agent ser ...
CVE-2013-2016qemu: virtio: out-of-bounds config space access
CVE-2013-2007The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when s ...
CVE-2013-1922qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw ...
CVE-2012-6075Buffer overflow in the e1000_receive function in the e1000 device driv ...
CVE-2012-3515Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulat ...
CVE-2012-2652The bdrv_open function in Qemu 1.0 does not properly handle the failur ...
CVE-2011-4111Buffer overflow in the ccid_card_vscard_handle_message function in hw/ ...
CVE-2009-3616Multiple use-after-free vulnerabilities in vnc.c in the VNC server in ...
CVE-2008-5714Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for r ...
CVE-2008-4553qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local ...
CVE-2008-4539Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM ...
CVE-2008-2382The protocol_client_msg function in vnc.c in the VNC server in (1) Qem ...
CVE-2008-2004The drive_init function in QEMU 0.9.1 determines the format of a raw d ...
CVE-2008-1945QEMU 0.9.0 does not properly handle changes to removable media, which ...
CVE-2008-0928Qemu 0.9.1 and earlier does not perform range checks for block device ...
CVE-2007-6227QEMU 0.9.0 allows local users of a Windows XP SP2 guest operating syst ...
CVE-2007-5730Heap-based buffer overflow in QEMU 0.8.2, as used in Xen and possibly ...
CVE-2007-5729The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitr ...
CVE-2007-1366QEMU 0.8.2 allows local users to crash a virtual machine via the divis ...
CVE-2007-1322QEMU 0.8.2 allows local users to halt a virtual machine by executing t ...
CVE-2007-1321Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used ...
CVE-2007-1320Multiple heap-based buffer overflows in the cirrus_invalidate_region f ...

Security announcements

DSA / DLADescription
DSA-4454-2qemu - regression update
DSA-4454-1qemu - security update
DLA-1781-1qemu - security update
DLA-1694-1qemu - security update
DLA-1646-1qemu - security update
DLA-1599-1qemu - security update
DSA-4338-1qemu - security update
DLA-1497-1qemu - security update
DSA-4213-1qemu - security update
DLA-1351-1qemu - security update
DLA-1129-1qemu - security update
DSA-3991-1qemu - security update
DLA-1070-1qemu - security update
DSA-3925-1qemu - security update
DSA-3920-1qemu - security update
DLA-1035-1qemu - security update
DLA-845-1qemu - security update
DLA-764-1qemu - security update
DLA-698-1qemu - security update
DLA-678-1qemu - security update
DLA-652-1qemu - security update
DLA-618-1qemu - security update
DLA-573-1qemu - security update
DLA-540-1qemu - security update
DSA-3573-1qemu - security update
DSA-3471-1qemu - security update
DSA-3469-1qemu - security update
DSA-3361-1qemu - security update
DSA-3361-1qemu - security update
DSA-3348-1qemu - security update
DLA-248-1qemu - security update
DSA-3284-1qemu - security update
DSA-3259-1qemu - security update
DSA-3087-1qemu - security update
DSA-3066-1qemu - security update
DSA-3045-1qemu - security update
DSA-2932-1qemu - security update
DSA-2909-1qemu - security update
DSA-2909-1qemu - security update
DSA-2608-1qemu - buffer overflow
DSA-2545-1qemu - multiple
DSA-1799-1qemu - several vulnerabilities
DSA-1799-1qemu - several vulnerabilities
DSA-1657-1qemu - denial of service
DSA-1284-1qemu
DSA-1284-1qemu

Search for package or bug name: Reporting problems