CVE search results

31 – 40 of 397 results

Detailed view

Sort by:

CVE-2020-27616

Low priority

Fixed

ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	Fixed	Not affected
qemu-kvm	—	—	Not in release	Not in release

CVE-2020-25743

Low priority

Vulnerable

hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.

2 affected packages

qemu-kvm, qemu

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu-kvm	Not in release	Not in release	Not in release	Not in release
qemu	Vulnerable	Vulnerable	Vulnerable	Vulnerable

CVE-2020-25742

Low priority

Vulnerable

pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	Vulnerable	Vulnerable	Vulnerable	Vulnerable
qemu-kvm	Not in release	Not in release	Not in release	Not in release

CVE-2020-25741

Low priority

Vulnerable

fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	Vulnerable	Vulnerable	Vulnerable	Vulnerable
qemu-kvm	Not in release	Not in release	Not in release	Not in release

CVE-2020-25723

Medium priority

Some fixes available 13 of 14

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	Fixed	Fixed	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release

CVE-2020-25707

Low priority

Ignored

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate is a duplicate of CVE-2020-2891

2 affected packages

qemu-kvm, qemu

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu-kvm	—	—	Not in release	Not in release
qemu	—	—	Not affected	Not affected

CVE-2020-25625

Low priority

Some fixes available 13 of 14

hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	Fixed	Fixed	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release

CVE-2020-25624

Low priority

Some fixes available 13 of 14

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	Fixed	Fixed	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release

CVE-2020-25085

Medium priority

Some fixes available 13 of 14

QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	Fixed	Fixed	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release

CVE-2020-25084

Low priority

Some fixes available 13 of 14

QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	Fixed	Fixed	Fixed	Fixed
qemu-kvm	Not in release	Not in release	Not in release	Not in release

Export to JSON

Results by page:

Search CVE reports