Search CVE reports
441 – 450 of 483 results
Some fixes available 3 of 4
Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.
4 affected packages
qemu, qemu-kvm, xen, xen-3.3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
4 affected packages
qemu, qemu-kvm, xen, xen-3.3
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different...
2 affected packages
qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Some fixes available 11 of 16
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS...
7 affected packages
xen, kvm, qemu, qemu-kvm, xen-3.1...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xen | — | — | — | — | — |
| kvm | — | — | — | — | — |
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
Some fixes available 2 of 5
The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998.
5 affected packages
xen, xen-3.1, xen-3.2, xen-3.3, xen-qemu-dm-4.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| xen | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
| xen-qemu-dm-4.0 | — | — | — | — | — |
Some fixes available 6 of 11
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers...
6 affected packages
qemu-kvm, xen, xen-3.1, xen-3.2, xen-3.3, xen-qemu-dm-4.0
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu-kvm | — | — | — | — | — |
| xen | — | — | — | — | — |
| xen-3.1 | — | — | — | — | — |
| xen-3.2 | — | — | — | — | — |
| xen-3.3 | — | — | — | — | — |
| xen-qemu-dm-4.0 | — | — | — | — | — |
Some fixes available 4 of 6
The bdrv_open function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file.
3 affected packages
kvm, qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kvm | — | — | — | — | — |
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Some fixes available 4 of 6
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute...
3 affected packages
kvm, qemu, qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| kvm | — | — | — | — | — |
| qemu | — | — | — | — | — |
| qemu-kvm | — | — | — | — | — |
Buffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary...
1 affected package
qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu-kvm | — | — | — | — | — |
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
1 affected package
qemu-kvm
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| qemu-kvm | — | — | — | — | — |