qemu

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A generic and open source machine emulator and virtualizer
Version 5.1.0-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1110 4.2.0-2 5.0.0-1 High Fixed
AVG-938 2.8.0-1 2.8.1-1 High Fixed
AVG-914 3.1.0-2 4.0.0-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2020-7039 AVG-1110 High No Arbitrary code execution
A heap buffer overflow issue was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the tcp_emu() routine while...
CVE-2020-1711 AVG-1110 High No Arbitrary code execution
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU handled a response coming from an iSCSI server while checking...
CVE-2019-20382 AVG-1110 Low Yes Denial of service
A memory leak has been found in in the way VNC display driver of QEMU <= 4.2.0 handled connection disconnect, when ZRLE, Tight encoding is enabled. It...
CVE-2019-3812 AVG-914 High No Arbitrary code execution
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function....
CVE-2017-7980 AVG-938 High No Arbitrary code execution
Quick emulator(Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds r/w access issue. It could occur while copying...

Advisories

Date Advisory Group Severity Description
07 May 2020 ASA-202005-6 AVG-1110 High multiple issues