CVE search results

421 – 430 of 471 results

Detailed view

Sort by:

CVE-2013-4527

Low priority

Some fixes available 2 of 4

Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—

CVE-2013-4526

Low priority

Some fixes available 1 of 3

Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—

CVE-2013-4151

Low priority

Some fixes available 3 of 5

The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—

The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is...

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—

CVE-2013-4149

Low priority

Some fixes available 1 of 3

Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—

CVE-2013-4148

Low priority

Some fixes available 3 of 5

Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—

CVE-2013-4375

Medium priority

Some fixes available 2 of 3

The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) via unspecified vectors.

4 affected packages

qemu, qemu-kvm, xen, xen-3.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—
xen	—	—	—	—
xen-3.3	—	—	—	—

CVE-2013-4377

Medium priority

Some fixes available 1 of 2

Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.

2 affected packages

qemu, qemu-kvm

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—

CVE-2013-4344

Low priority

Some fixes available 3 of 4

Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

4 affected packages

qemu, qemu-kvm, xen, xen-3.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—
xen	—	—	—	—
xen-3.3	—	—	—	—

CVE-2013-2007

Low priority

Ignored

The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.

4 affected packages

qemu, qemu-kvm, xen, xen-3.3

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
qemu	—	—	—	—
qemu-kvm	—	—	—	—
xen	—	—	—	—
xen-3.3	—	—	—	—

Export to JSON

Results by page:

Search CVE reports

CVE-2013-4527

CVE-2013-4526

CVE-2013-4151

CVE-2013-4150

CVE-2013-4149

CVE-2013-4148

CVE-2013-4375

CVE-2013-4377

CVE-2013-4344

CVE-2013-2007