| Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-9102 | 2.1 |
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with t
|
13-02-2023 - 04:50 | 09-12-2016 - 22:59 | |
| CVE-2016-9103 | 2.1 |
The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them.
|
12-02-2023 - 23:27 | 09-12-2016 - 22:59 | |
| CVE-2016-8910 | 2.1 |
The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
|
12-02-2023 - 23:27 | 04-11-2016 - 21:59 | |
| CVE-2016-9105 | 2.1 |
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
|
12-02-2023 - 23:27 | 09-12-2016 - 22:59 | |
| CVE-2016-8669 | 2.1 |
The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater th
|
12-02-2023 - 23:26 | 04-11-2016 - 21:59 | |
| CVE-2016-8909 | 2.1 |
The intel_hda_xfer function in hw/audio/intel-hda.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer posi
|
12-02-2023 - 23:26 | 04-11-2016 - 21:59 | |
| CVE-2016-7423 | 2.1 |
The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vecto
|
12-02-2023 - 23:25 | 10-10-2016 - 16:59 | |
| CVE-2016-8576 | 2.1 |
The xhci_ring_fetch function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request
|
12-02-2023 - 23:25 | 04-11-2016 - 21:59 | |
| CVE-2016-7908 | 2.1 |
The mcf_fec_do_tx function in hw/net/mcf_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU
|
12-02-2023 - 23:25 | 05-10-2016 - 16:59 | |
| CVE-2016-7466 | 1.9 |
Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to cause a denial of service (memory consumption and possibly QEMU process crash) by repeatedly
|
12-02-2023 - 23:25 | 10-12-2016 - 00:59 | |
| CVE-2016-8577 | 2.1 |
Memory leak in the v9fs_read function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors related to an I/O read operation.
|
12-02-2023 - 23:25 | 04-11-2016 - 21:59 | |
| CVE-2016-7161 | 10.0 |
Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.
|
16-11-2020 - 20:20 | 05-10-2016 - 16:59 | |
| CVE-2016-7909 | 4.9 |
The pcnet_rdra_addr function in hw/net/pcnet.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to
|
10-11-2020 - 18:54 | 05-10-2016 - 16:59 | |
| CVE-2016-7907 | 2.1 |
The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU
|
10-11-2020 - 17:46 | 05-10-2016 - 16:59 | |
| CVE-2016-8578 | 2.1 |
The v9fs_iov_vunmarshal function in fsdev/9p-iov-marshal.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) by sending an empty string parameter to a 9P o
|
21-10-2020 - 20:41 | 04-11-2016 - 21:59 | |
| CVE-2016-8668 | 2.1 |
The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size.
|
21-10-2020 - 20:25 | 04-11-2016 - 21:59 | |
| CVE-2016-9104 | 2.1 |
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which tr
|
21-10-2020 - 20:22 | 09-12-2016 - 22:59 | |
| CVE-2016-7994 | 2.1 |
Memory leak in the virtio_gpu_resource_create_2d function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via a large number of VIRTIO_GPU_CMD_RESOURCE_CRE
|
21-10-2020 - 20:21 | 10-12-2016 - 00:59 |