AVG-1898 log

Package qemu
Status Vulnerable
Severity Medium
Type multiple issues
Affected 6.1.0-5
Fixed Unknown
Current 6.1.0-5 [extra]
Ticket Create
Created Thu Apr 29 22:58:23 2021
Issue Severity Remote Type Description
CVE-2021-20255 Low No Denial of service
A stack overflow via infinite recursion issue was found in the eepro100 i8255x device emulator of QEMU. It could occur while processing controller commands...
CVE-2021-20203 Low No Denial of service
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU. It may occur if a guest was to supply invalid values for rx/tx queue size or...
CVE-2021-20196 Low No Denial of service
A NULL pointer dereference issue was found in the Floppy disk emulator of QEMU. It could occur while processing read/write ioport commands, if the selected...
CVE-2021-3750 Medium No Arbitrary code execution
A DMA reentrancy issue was found in the EHCI controller emulation of QEMU. When EHCI tries to transfer the USB packets, it doesn't check if the buffer...
CVE-2021-3748 Medium No Arbitrary code execution
OSS-Fuzz found a use-after-free vulnerability in virtio-net. It occurs in the iov_from_buf_full function under these conditions:  1) the (malicious) driver...
CVE-2021-3735 Low No Denial of service
A deadlock issue was found in the AHCI controller device (ich9-ahci) of QEMU while handling a host-to-device Register FIS (Frame Information Structure)...
CVE-2021-3713 Medium No Arbitrary code execution
An out-of-bounds write issue was found in the UAS (USB Attached SCSI) device emulation of QEMU. It occurs due to missing sanity checks in the...
CVE-2021-3638 Low No Denial of service
An out-of-bounds memory access security issue was found in the ATI VGA device emulation of QEMU. This flaw occurs in the ati_2d_blt() routine while handling...
CVE-2021-3611 Low No Denial of service
A KVM guest can crash qemu-kvm (likely with a stack overflow) when the guest has been started with the intel-hda device.
CVE-2021-3507 Medium No Information disclosure
A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA...
CVE-2020-15859 Low No Denial of service
A use-after-free issue was found in the INTEL 82574 NIC (e1000e) emulator of the QEMU. It could while sending packets if the guest user set the packet data...
CVE-2020-14394 Low No Denial of service
An infinite loop issue was found in the USB xHCI controller emulation of QEMU. Specifically, function xhci_ring_chain_length() in hw/usb/hcd-xhci.c may get...