) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:qemu:qemu:2.5.0:rc1:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2016-4002 |
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes. Published: April 26, 2016; 10:59:04 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 6.8 MEDIUM |
| CVE-2016-2857 |
The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet. Published: April 11, 2016; 10:00:07 PM -0400 |
V3.1: 8.4 HIGH V2.0: 3.6 LOW |
| CVE-2016-1568 |
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command. Published: April 11, 2016; 10:00:05 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.9 MEDIUM |
| CVE-2016-2858 |
QEMU, when built with the Pseudo Random Number Generator (PRNG) back-end support, allows local guest OS users to cause a denial of service (process crash) via an entropy request, which triggers arbitrary stack based allocation and memory corruption. Published: April 07, 2016; 3:59:03 PM -0400 |
V3.1: 6.5 MEDIUM V2.0: 1.9 LOW |
| CVE-2015-7512 |
Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. Published: January 08, 2016; 4:59:02 PM -0500 |
V3.1: 9.0 CRITICAL V2.0: 6.8 MEDIUM |