Information on source package qemu-kvm

Available versions

ReleaseVersion
wheezy1.1.2+dfsg-6+deb7u12
wheezy (security)1.1.2+dfsg-6+deb7u20

Open issues

BugwheezyDescription
CVE-2017-7980vulnerable
CVE-2017-7718vulnerablehw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allow local ...
CVE-2017-7471vulnerable9p: virtfs allows guest to change filesystem attributes on host
CVE-2017-7377vulnerableThe (1) v9fs_create and (2) v9fs_lcreate functions in hw/9pfs/9p.c in ...
CVE-2017-6505vulnerableThe ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka ...
CVE-2017-5579vulnerable (no DSA)Memory leak in the serial_exit_core function in hw/char/serial.c in ...
CVE-2017-5526vulnerable (no DSA)Memory leak in hw/audio/es1370.c in QEMU (aka Quick Emulator) allows ...
CVE-2017-5525vulnerable (no DSA)Memory leak in hw/audio/ac97.c in QEMU (aka Quick Emulator) allows ...
CVE-2017-2633vulnerableVNC: memory corruption due to unchecked resolution limit
CVE-2016-9923vulnerable (no DSA)Quick Emulator (Qemu) built with the 'chardev' backend support is ...
CVE-2016-9916vulnerable (no DSA)Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows ...
CVE-2016-9915vulnerable (no DSA)Memory leak in hw/9pfs/9p-handle.c in QEMU (aka Quick Emulator) allows ...
CVE-2016-9914vulnerable (no DSA)Memory leak in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local ...
CVE-2016-9603vulnerablecirrus: heap buffer overflow via vnc connection
CVE-2016-9602vulnerable9p: virtfs allows guest to access host filesystem
CVE-2016-5338vulnerable (no DSA)The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c ...
CVE-2016-5238vulnerable (no DSA)The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest ...
CVE-2016-4454vulnerable (no DSA)The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU ...
CVE-2016-4453vulnerable (no DSA)The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows ...
CVE-2016-4441vulnerable (no DSA)The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI ...
CVE-2016-4037vulnerable (no DSA)The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows ...
CVE-2016-4002vulnerable (no DSA)Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in ...
CVE-2016-4001vulnerable (no DSA)Buffer overflow in the stellaris_enet_receive function in ...
CVE-2016-2841vulnerable (no DSA)The ne2000_receive function in the NE2000 NIC emulation support ...
CVE-2016-2538vulnerable (no DSA)Multiple integer overflows in the USB Net device emulator ...
CVE-2016-2392vulnerable (no DSA)The is_rndis function in the USB Net device emulator ...
CVE-2016-2391vulnerable (no DSA)The ohci_bus_start function in the USB OHCI emulation support ...
CVE-2016-10155vulnerable (no DSA)Memory leak in hw/watchdog/wdt_i6300esb.c in QEMU (aka Quick Emulator) ...
CVE-2015-8666vulnerable (no DSA)Heap-based buffer overflow in QEMU, when built with the ...
CVE-2014-7840vulnerable (no DSA)The host_from_stream_offset function in arch_init.c in QEMU, when ...
CVE-2014-3461vulnerable (no DSA)hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute ...
CVE-2014-0182vulnerable (no DSA)Heap-based buffer overflow in the virtio_load function in ...
CVE-2013-6399vulnerable (no DSA)Array index error in the virtio_load function in hw/virtio/virtio.c in ...
CVE-2013-4542vulnerable (no DSA)The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU ...
CVE-2013-4541vulnerable (no DSA)The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 ...
CVE-2013-4540vulnerable (no DSA)Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 ...
CVE-2013-4539vulnerable (no DSA)Multiple buffer overflows in the tsc210x_load function in ...
CVE-2013-4538vulnerable (no DSA)Multiple buffer overflows in the ssd0323_load function in ...
CVE-2013-4537vulnerable (no DSA)The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 ...
CVE-2013-4536vulnerable (no DSA)
CVE-2013-4535vulnerable (no DSA)
CVE-2013-4534vulnerable (no DSA)Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows ...
CVE-2013-4533vulnerable (no DSA)Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in ...
CVE-2013-4532vulnerable (no DSA)
CVE-2013-4531vulnerable (no DSA)Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows ...
CVE-2013-4530vulnerable (no DSA)Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote ...
CVE-2013-4529vulnerable (no DSA)Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows ...
CVE-2013-4527vulnerable (no DSA)Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow ...
CVE-2013-4526vulnerable (no DSA)Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote ...
CVE-2013-4151vulnerable (no DSA)The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 ...
CVE-2013-4150vulnerable (no DSA)The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 ...
CVE-2013-4149vulnerable (no DSA)Buffer overflow in virtio_net_load function in net/virtio-net.c in ...
CVE-2013-4148vulnerable (no DSA)Integer signedness error in the virtio_net_load function in ...

Open unimportant issues

BugwheezyDescription
CVE-2015-8619vulnerableThe Human Monitor Interface support in QEMU allows remote attackers to ...
CVE-2014-9718vulnerableThe (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in ...

Resolved issues

BugDescription
CVE-2017-6058Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU ...
CVE-2017-5987The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...
CVE-2017-5973The xhci_kick_epctx function in hw/usb/hcd-xhci.c in QEMU (aka Quick ...
CVE-2017-5931Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick ...
CVE-2017-5898Integer overflow in the emulated_apdu_from_guest function in ...
CVE-2017-5857Memory leak in the virgl_cmd_resource_unref function in ...
CVE-2017-5856Memory leak in the megasas_handle_dcmd function in hw/scsi/megasas.c ...
CVE-2017-5667The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU ...
CVE-2017-5578Memory leak in the virtio_gpu_resource_attach_backing function in ...
CVE-2017-5552Memory leak in the virgl_resource_attach_backing function in ...
CVE-2017-2630nbd: oob stack write in client routine drop_sync
CVE-2017-2620display: cirrus: out-of-bounds access issue while in cirrus_bitblt_cputovideo
CVE-2017-2615
CVE-2016-9922The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka ...
CVE-2016-9921Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator ...
CVE-2016-9913Memory leak in the v9fs_device_unrealize_common function in ...
CVE-2016-9912Quick Emulator (Qemu) built with the Virtio GPU Device emulator ...
CVE-2016-9911Quick Emulator (Qemu) built with the USB EHCI Emulation support is ...
CVE-2016-9908Quick Emulator (Qemu) built with the Virtio GPU Device emulator ...
CVE-2016-9907Quick Emulator (Qemu) built with the USB redirector usb-guest support ...
CVE-2016-9846QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator ...
CVE-2016-9845QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator ...
CVE-2016-9776QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet ...
CVE-2016-9637The (1) ioport_read and (2) ioport_write functions in Xen, when qemu ...
CVE-2016-9106Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka ...
CVE-2016-9105Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka ...
CVE-2016-9104Multiple integer overflows in the (1) v9fs_xattr_read and (2) ...
CVE-2016-9103The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick ...
CVE-2016-9102Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU ...
CVE-2016-9101Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows ...
CVE-2016-8910The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka ...
CVE-2016-8909The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick ...
CVE-2016-8669The serial_update_parameters function in hw/char/serial.c in QEMU (aka ...
CVE-2016-8668The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka ...
CVE-2016-8667The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick ...
CVE-2016-8578The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU ...
CVE-2016-8577Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka ...
CVE-2016-8576The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick ...
CVE-2016-7995Memory leak in the ehci_process_itd function in hw/usb/hcd-ehci.c in ...
CVE-2016-7994Memory leak in the virtio_gpu_resource_create_2d function in ...
CVE-2016-7909The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick ...
CVE-2016-7908The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick ...
CVE-2016-7907The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick ...
CVE-2016-7466Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU ...
CVE-2016-7423The mptsas_process_scsi_io_request function in QEMU (aka Quick ...
CVE-2016-7422The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka ...
CVE-2016-7421The pvscsi_ring_pop_req_descr function in hw/scsi/vmw_pvscsi.c in QEMU ...
CVE-2016-7170The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU (aka ...
CVE-2016-7161Heap-based buffer overflow in the .receive callback of ...
CVE-2016-7157The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 ...
CVE-2016-7156The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU ...
CVE-2016-7155hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest ...
CVE-2016-7116Directory traversal vulnerability in hw/9pfs/9p.c in QEMU (aka Quick ...
CVE-2016-6888Integer overflow in the net_tx_pkt_init function in ...
CVE-2016-6836The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...
CVE-2016-6835The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in ...
CVE-2016-6834The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in ...
CVE-2016-6833Use-after-free vulnerability in the vmxnet3_io_bar0_write function in ...
CVE-2016-6490The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka ...
CVE-2016-6351The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), ...
CVE-2016-5403The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local ...
CVE-2016-5337The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows ...
CVE-2016-5126Heap-based buffer overflow in the iscsi_aio_ioctl function in ...
CVE-2016-5107The megasas_lookup_frame function in QEMU, when built with MegaRAID ...
CVE-2016-5106The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, ...
CVE-2016-5105The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when ...
CVE-2016-4964The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka ...
CVE-2016-4952QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual ...
CVE-2016-4439The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI ...
CVE-2016-4020The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not ...
CVE-2016-3712Integer overflow in the VGA module in QEMU allows local guest OS users ...
CVE-2016-3710The VGA module in QEMU improperly performs bounds checking on banked ...
CVE-2016-2858QEMU, when built with the Pseudo Random Number Generator (PRNG) ...
CVE-2016-2857The net_checksum_calculate function in net/checksum.c in QEMU allows ...
CVE-2016-2198QEMU (aka Quick Emulator) built with the USB EHCI emulation support is ...
CVE-2016-2197QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is ...
CVE-2016-1981QEMU (aka Quick Emulator) built with the e1000 NIC emulation support ...
CVE-2016-1922QEMU (aka Quick Emulator) built with the TPR optimization for 32-bit ...
CVE-2016-1714The (1) fw_cfg_write and (2) fw_cfg_read functions in ...
CVE-2016-1568Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with ...
CVE-2016-10029The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built ...
CVE-2016-10028The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in ...
CVE-2015-8818The cpu_physical_memory_write_rom_internal function in exec.c in QEMU ...
CVE-2015-8817QEMU (aka Quick Emulator) built to use 'address_space_translate' to ...
CVE-2015-8745QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8744QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8743QEMU (aka Quick Emulator) built with the NE2000 device emulation ...
CVE-2015-8701QEMU (aka Quick Emulator) built with the Rocker switch emulation ...
CVE-2015-8613Stack-based buffer overflow in the megasas_ctrl_get_info function in ...
CVE-2015-8568Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC ...
CVE-2015-8567Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause ...
CVE-2015-8558The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows ...
CVE-2015-8550Xen, when used on a system providing PV backends, allows local guest ...
CVE-2015-8504Qemu, when built with VNC display driver support, allows remote ...
CVE-2015-8345The eepro100 emulator in QEMU qemu-kvm blank allows local guest users ...
CVE-2015-7549pci: msi-x: null pointer dereference issue
CVE-2015-7512Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in ...
CVE-2015-7504net: pcnet: heap overflow vulnerability in loopback mode
CVE-2015-7295hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support ...
CVE-2015-6855hw/ide/core.c in QEMU does not properly restrict the commands accepted ...
CVE-2015-6815Qemu: net: e1000 infinite loop issue
CVE-2015-5745buffer overflow in virtio-serial
CVE-2015-5279Heap-based buffer overflow in the ne2000_receive function in ...
CVE-2015-5278net: avoid infinite loop when receiving packets
CVE-2015-5239Integer overflow in vnc_client_read() and protocol_client_msg()
CVE-2015-5225Buffer overflow in the vnc_refresh_server_surface function in the VNC ...
CVE-2015-5166Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not ...
CVE-2015-5165The C+ mode offload emulation in the RTL8139 network card device model ...
CVE-2015-5158Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built ...
CVE-2015-5154Heap-based buffer overflow in the IDE subsystem in QEMU, as used in ...
CVE-2015-4106QEMU does not properly restrict write access to the PCI config space ...
CVE-2015-4105Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through ...
CVE-2015-4104Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI ...
CVE-2015-4103Xen 3.3.x through 4.5.x does not properly restrict write access to the ...
CVE-2015-4037The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier ...
CVE-2015-3456The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and ...
CVE-2015-3214The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and ...
CVE-2015-3209Heap-based buffer overflow in the PCNET controller in QEMU allows ...
CVE-2015-2756QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict ...
CVE-2015-1779The VNC websocket frame decoder in QEMU allows remote attackers to ...
CVE-2014-8106Heap-based buffer overflow in the Cirrus VGA emulator ...
CVE-2014-7815The set_pixel_format function in ui/vnc.c in QEMU allows remote ...
CVE-2014-5388Off-by-one error in the pci_read function in the ACPI PCI hotplug ...
CVE-2014-5263vmstate_xhci_event in hw/usb/hcd-xhci.c in QEMU 1.6.0 does not ...
CVE-2014-3689The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local ...
CVE-2014-3640The sosendto function in slirp/udp.c in QEMU before 2.1.2 allows local ...
CVE-2014-3615The VGA emulator in QEMU allows local guest users to read host memory ...
CVE-2014-3471hw: pci: use after free triggered via guest
CVE-2014-2894Off-by-one error in the cmd_smart function in the smart self test in ...
CVE-2014-0223Integer overflow in the qcow_open function in block/qcow.c in QEMU ...
CVE-2014-0222Integer overflow in the qcow_open function in block/qcow.c in QEMU ...
CVE-2014-0150Integer overflow in the virtio_net_handle_mac function in ...
CVE-2014-0148
CVE-2014-0147
CVE-2014-0146
CVE-2014-0145
CVE-2014-0144
CVE-2014-0143
CVE-2014-0142
CVE-2013-4544hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local ...
CVE-2013-4377Use-after-free vulnerability in the virtio-pci implementation in Qemu ...
CVE-2013-4375The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before ...
CVE-2013-4344Buffer overflow in the SCSI implementation in QEMU, as used in Xen, ...
CVE-2013-2016qemu: virtio: out-of-bounds config space access
CVE-2013-2007The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when ...
CVE-2012-6075Buffer overflow in the e1000_receive function in the e1000 device ...
CVE-2012-3515Qemu, as used in Xen 4.0, 4.1 and possibly other products, when ...
CVE-2012-2652The bdrv_open function in Qemu 1.0 does not properly handle the ...
CVE-2012-0029Heap-based buffer overflow in the process_tx_desc function in the ...
CVE-2011-3346Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before ...
CVE-2011-2527The change_process_uid function in os-posix.c in Qemu 0.14.0 and ...
CVE-2011-2512The virtio_queue_notify in qemu-kvm 0.14.0 and earlier does not ...
CVE-2011-2212Buffer overflow in the virtio subsystem in qemu-kvm 0.14.0 and earlier ...
CVE-2011-1751The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power ...
CVE-2011-1750Multiple heap-based buffer overflows in the virtio-blk driver ...
CVE-2011-0011qemu-kvm before 0.11.0 disables VNC authentication when the password ...
CVE-2010-2784The subpage MMIO initialization functionality in the subpage_register ...
CVE-2010-0431QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat ...
CVE-2010-0297Buffer overflow in the usb_host_handle_control function in the USB ...

Security announcements

DSA / DLADescription
DLA-842-1qemu-kvm - security update
DLA-765-1qemu-kvm - security update
DLA-689-1qemu-kvm - security update
DLA-679-1qemu-kvm - security update
DLA-653-1qemu-kvm - security update
DLA-619-1qemu-kvm - security update
DLA-574-1qemu-kvm - security update
DLA-539-1qemu-kvm - security update
DSA-3470-1qemu-kvm - security update
DSA-3362-1qemu-kvm - security update
DSA-3349-1qemu-kvm - security update
DLA-249-1qemu-kvm - security update
DSA-3285-1qemu-kvm - security update
DSA-3088-1qemu-kvm - security update
DSA-3067-1qemu-kvm - security update
DSA-3044-1qemu-kvm - security update
DSA-2933-1qemu-kvm - security update
DSA-2910-1qemu-kvm - security update
DSA-2910-1qemu-kvm - security update
DSA-2607-1qemu-kvm - buffer overflow
DSA-2542-1qemu-kvm - multiple
DSA-2396-1qemu-kvm - buffer underflow
DSA-2282-1qemu-kvm - several
DSA-2270-1qemu-kvm - programming error
DSA-2241-1qemu-kvm - implementation error
DSA-2230-1qemu-kvm - several

Search for package or bug name: Reporting problems