Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:qemu:qemu:2.6.0:rc3:*:*:*:*:*:*
There are 3 matching records.
Displaying matches 1 through 3.
Vuln ID Summary CVSS Severity
CVE-2016-2198

QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS.

Published: December 29, 2016; 5:59:00 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-3712

Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.

Published: May 11, 2016; 5:59:02 PM -0400
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2016-3710

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

Published: May 11, 2016; 5:59:01 PM -0400
V3.1: 8.8 HIGH
V2.0: 7.2 HIGH