Max CVSS | 9.3 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-6368 | 6.2 |
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
|
13-02-2023 - 04:49 | 14-12-2013 - 18:08 | |
CVE-2013-1798 | 6.2 |
The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive inf
|
13-02-2023 - 04:41 | 22-03-2013 - 11:59 | |
CVE-2012-6075 | 9.3 |
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly ex
|
13-02-2023 - 04:37 | 13-02-2013 - 01:55 | |
CVE-2012-3515 | 7.2 |
Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device mode
|
13-02-2023 - 04:34 | 23-11-2012 - 20:55 | |
CVE-2015-5279 | 7.2 |
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
|
13-02-2023 - 00:52 | 28-09-2015 - 16:59 | |
CVE-2015-3209 | 7.5 |
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
|
13-02-2023 - 00:48 | 15-06-2015 - 15:59 | |
CVE-2014-3611 | 4.7 |
Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation.
|
13-02-2023 - 00:41 | 10-11-2014 - 11:55 | |
CVE-2012-0029 | 7.4 |
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via craf
|
13-02-2023 - 00:22 | 27-01-2012 - 15:55 | |
CVE-2015-3456 | 7.7 |
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_
|
17-11-2021 - 22:15 | 13-05-2015 - 18:59 | |
CVE-2017-2620 | 9.0 |
Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use t
|
04-08-2021 - 17:15 | 27-07-2018 - 19:29 | |
CVE-2016-5403 | 4.9 |
The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
|
04-08-2021 - 17:15 | 02-08-2016 - 16:59 | |
CVE-2012-2121 | 4.9 |
The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrati
|
05-01-2018 - 02:29 | 17-05-2012 - 11:00 | |
CVE-2010-4525 | 1.9 |
Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via unspecified vectors.
|
17-08-2017 - 01:33 | 11-01-2011 - 03:00 | |
CVE-2011-4347 | 4.0 |
The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices
|
10-06-2013 - 17:30 | 08-06-2013 - 13:05 |