National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:qemu:qemu:1.7.0
There are 122 matching records.
Displaying matches 121 through 122.
Vuln ID Summary CVSS Severity

Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, which triggers a heap-based buffer overflow.

Published: April 18, 2014; 10:55:25 AM -04:00
    V2: 4.9 MEDIUM

Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorrect fix for CVE-2007-1320.

Published: December 29, 2008; 10:24:23 AM -05:00
    V2: 7.2 HIGH