| CVE-2021-20263 |
Medium |
No |
Privilege escalation |
A security issue was found in in the virtio-fs shared file system daemon (virtiofsd) of QEMU. Virtio-fs is meant to share a host file system directory with... |
| CVE-2021-20257 |
Low |
No |
Denial of service |
An infinite loop issue was found in the e1000 NIC emulator of the QEMU. It occurs while processing transmit (tx) descriptors in process_tx_desc, if various... |
| CVE-2021-20221 |
Low |
No |
Arbitrary code execution |
An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU on aarch64 platform. The issue occurs because... |
| CVE-2021-20181 |
Medium |
No |
Privilege escalation |
A security issue was found in QEMU 5.2.0. A race condition in the Plan 9 file system component could allow privilege escalation. |
| CVE-2021-3416 |
Low |
No |
Denial of service |
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU. The issue occurs in loopback mode of a NIC wherein reentrant... |
| CVE-2021-3409 |
Medium |
No |
Arbitrary code execution |
Upstream commit dfba99f17feb6d4a129da19d38df1bcd8579d1c3 was supposed to fix CVE-2020-17380 and CVE-2020-25085, both involving a heap buffer overflow in the... |
| CVE-2021-3392 |
Medium |
No |
Arbitrary code execution |
A use-after-free issue was found in the Megaraid emulator of the QEMU. It occurs while processing SCSI I/O requests because in case of an error... |
| CVE-2020-35517 |
Medium |
No |
Privilege escalation |
A potential host privilege escalation issue was found in the virtio-fs shared file system daemon (virtiofsd) of the QEMU. Virtio-fs daemon shares the host... |
| CVE-2020-35506 |
Medium |
No |
Arbitrary code execution |
A use-after-free vulnerability was found in the am53c974 SCSI host bus adapter emulation of QEMU. It could occur in the esp_do_dma() function in... |
| CVE-2020-35505 |
Low |
No |
Denial of service |
A NULL pointer dereference issue was found in the am53c974 SCSI host bus adapter emulation of QEMU. It could occur in the do_busid_cmd() function in... |
| CVE-2020-35504 |
Low |
No |
Denial of service |
A NULL pointer dereference issue was found in the SCSI emulation support of QEMU. It could occur in the scsi_req_continue() function in hw/scsi/scsi-bus.c... |
| CVE-2020-35503 |
Low |
No |
Denial of service |
A NULL pointer dereference issue was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU. It could occur in the megasas_command_cancelled()... |
| CVE-2020-29443 |
Low |
No |
Directory traversal |
An out-of-bounds read access issue was found in the ATAPI Emulator of QEMU. It occurs while processing ATAPI read command if logical block address(LBA) is... |
| CVE-2020-27821 |
Medium |
No |
Denial of service |
A heap buffer overflow was found in the Message Signaled Interrupt (MSI-X) device support of QEMU. The overflow could occur due to an out-of-bounds write of... |
| CVE-2020-15469 |
Low |
No |
Denial of service |
In QEMU 5.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. |