AVG-1898 log

Package qemu
Status Vulnerable
Severity Medium
Type multiple issues
Affected 6.0.0-2
Fixed Unknown
Current 6.0.0-2 [extra]
Ticket Create
Created Thu Apr 29 22:58:23 2021
Issue Severity Remote Type Description
CVE-2021-20255 Low No Denial of service
A stack overflow via infinite recursion issue was found in the eepro100 i8255x device emulator of QEMU. It could occur while processing controller commands...
CVE-2021-20203 Low No Denial of service
An integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU. It may occur if a guest was to supply invalid values for rx/tx queue size or...
CVE-2021-20196 Low No Denial of service
A NULL pointer dereference issue was found in the Floppy disk emulator of QEMU. It could occur while processing read/write ioport commands, if the selected...
CVE-2021-3546 Low No Arbitrary code execution
An out-of-bounds write vulnerability was found in the virtio vhost- user GPU device (vhost-user-gpu) of QEMU. The flaw exists in virgl_cmd_get_capset() in...
CVE-2021-3545 Low No Information disclosure
An information disclosure vulnerability was found in the virtio vhost- user GPU device (vhost-user-gpu) of QEMU. The flaw exists in...
CVE-2021-3544 Low No Denial of service
Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU. They exist in contrib/vhost-user-gpu/vhost- user-gpu.c and...
CVE-2021-3527 Low No Denial of service
A security issue was found in the USB redirection support (usb-redir) of QEMU. More specifically, usb-host and usb-redirect try to batch bulk transfers by...
CVE-2021-3507 Medium No Information disclosure
A heap buffer overflow was found in the floppy disk emulator of QEMU. It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA...
CVE-2020-14394 Low No Denial of service
An infinite loop issue was found in the USB xHCI controller emulation of QEMU. Specifically, function xhci_ring_chain_length() in hw/usb/hcd-xhci.c may get...