| CVE-2021-20255 |
Low |
No |
Denial of service |
A stack overflow via infinite recursion issue was found in the eepro100 i8255x device emulator of QEMU. It could occur while processing controller commands... |
| CVE-2021-20203 |
Low |
No |
Denial of service |
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU. It may occur if a guest was to supply invalid values for rx/tx queue size or... |
| CVE-2021-20196 |
Low |
No |
Denial of service |
A NULL pointer dereference issue was found in the Floppy disk emulator of QEMU. It could occur while processing read/write ioport commands, if the selected... |
| CVE-2021-3947 |
Medium |
No |
Information disclosure |
A stack-buffer-overflow was found in QEMU in the NVME component. The flaw lies in nvme_changed_nslist() where a malicious guest controlling certain input... |
| CVE-2021-3930 |
Low |
No |
Denial of service |
An off-by-one error was found in the SCSI Device emulation in QEMU. It could occur in hw/scsi/scsi-disk.c:mode_sense_page() while processing MODE SELECT... |
| CVE-2021-3750 |
Medium |
No |
Arbitrary code execution |
A DMA reentrancy issue was found in the EHCI controller emulation of QEMU. When EHCI tries to transfer the USB packets, it doesn't check if the buffer... |
| CVE-2021-3748 |
Medium |
No |
Arbitrary code execution |
OSS-Fuzz found a use-after-free vulnerability in virtio-net. It occurs in the iov_from_buf_full function under these conditions: 1) the (malicious) driver... |
| CVE-2021-3735 |
Low |
No |
Denial of service |
A deadlock issue was found in the AHCI controller device (ich9-ahci) of QEMU while handling a host-to-device Register FIS (Frame Information Structure)... |
| CVE-2021-3713 |
Medium |
No |
Arbitrary code execution |
An out-of-bounds write issue was found in the UAS (USB Attached SCSI) device emulation of QEMU. It occurs due to missing sanity checks in the... |
| CVE-2021-3638 |
Low |
No |
Denial of service |
An out-of-bounds memory access security issue was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling... |
| CVE-2021-3611 |
Low |
No |
Denial of service |
A KVM guest can crash qemu-kvm (likely with a stack overflow) when the guest has been started with the intel-hda device. |
| CVE-2021-3507 |
Medium |
No |
Information disclosure |
A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA... |
| CVE-2020-15859 |
Low |
No |
Denial of service |
A use-after-free issue was found in the INTEL 82574 NIC (e1000e) emulator of the QEMU. It could while sending packets if the guest user set the packet data... |
| CVE-2020-14394 |
Low |
No |
Denial of service |
An infinite loop issue was found in the USB xHCI controller emulation of QEMU. Specifically, function xhci_ring_chain_length() in hw/usb/hcd-xhci.c may get... |