AVG-1308 log

Package qemu
Status Vulnerable
Severity Medium
Type multiple issues
Affected 5.2.0-4
Fixed Unknown
Current 5.2.0-4 [extra]
Ticket Create
Created Tue Dec 1 10:59:29 2020
Issue Severity Remote Type Description
CVE-2021-20263 Medium No Privilege escalation
A security issue was found in in the virtio-fs shared file system daemon (virtiofsd) of QEMU. Virtio-fs is meant to share a host file system directory with...
CVE-2021-20257 Low No Denial of service
An infinite loop issue was found in the e1000 NIC emulator of the QEMU. It occurs while processing transmit (tx) descriptors in process_tx_desc, if various...
CVE-2021-20255 Low No Denial of service
A stack overflow via infinite recursion issue was found in the eepro100 i8255x device emulator of QEMU. It could occur while processing controller commands...
CVE-2021-20221 Low No Arbitrary code execution
An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU on aarch64 platform. The issue occurs because...
CVE-2021-20203 Low No Denial of service
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU. It may occur if a guest was to supply invalid values for rx/tx queue size or...
CVE-2021-20196 Low No Denial of service
A NULL pointer dereference issue was found in the Floppy disk emulator of QEMU. It could occur while processing read/write ioport commands, if the selected...
CVE-2021-20181 Medium No Privilege escalation
A security issue was found in QEMU 5.2.0. A race condition in the Plan 9 file system component could allow privilege escalation.
CVE-2021-3416 Low No Denial of service
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU. The issue occurs in loopback mode of a NIC wherein reentrant...
CVE-2021-3409 Medium No Arbitrary code execution
Upstream commit dfba99f17feb6d4a129da19d38df1bcd8579d1c3 was supposed to fix CVE-2020-17380 and CVE-2020-25085, both involving a heap buffer overflow in the...
CVE-2021-3392 Medium No Arbitrary code execution
A use-after-free issue was found in the Megaraid emulator of the QEMU. It occurs while processing SCSI I/O requests because in case of an error...
CVE-2020-35517 Medium No Privilege escalation
A potential host privilege escalation issue was found in the virtio-fs shared  file system daemon (virtiofsd) of the QEMU. Virtio-fs daemon shares the host...
CVE-2020-35506 Medium No Arbitrary code execution
A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU. It could occur in the esp_do_dma() function in...
CVE-2020-35505 Low No Denial of service
A NULL pointer dereference issue was found in the am53c974 SCSI host bus adapter emulation of QEMU. It could occur in the do_busid_cmd() function in...
CVE-2020-35504 Low No Denial of service
A NULL pointer dereference issue was found in the SCSI emulation support of QEMU. It could occur in the scsi_req_continue() function in hw/scsi/scsi-bus.c...
CVE-2020-35503 Low No Denial of service
A NULL pointer dereference issue was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU. It could occur in the megasas_command_cancelled()...
CVE-2020-29443 Low No Directory traversal
An out-of-bounds read access issue was found in the ATAPI Emulator of QEMU. It occurs while processing ATAPI read command if logical block address(LBA) is...
CVE-2020-27821 Medium No Denial of service
A heap buffer overflow was found in the Message Signaled Interrupt (MSI-X) device support of QEMU. The overflow could occur due to an out-of-bounds write of...
CVE-2020-15469 Low No Denial of service
In QEMU 5.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.
CVE-2020-14394 Low No Denial of service
An infinite loop issue was found in the USB xHCI controller emulation of QEMU. Specifically, function xhci_ring_chain_length() in hw/usb/hcd-xhci.c may get...