Show filters
414 Total Results
Displaying 101-110 of 414
Sort by:
Attacker Value
Unknown
CVE-2020-15859
Disclosure Date: July 21, 2020 (last updated February 21, 2025)
QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.
0
Attacker Value
Unknown
CVE-2020-15469
Disclosure Date: July 02, 2020 (last updated February 21, 2025)
In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.
0
Attacker Value
Unknown
CVE-2020-10761
Disclosure Date: June 09, 2020 (last updated February 21, 2025)
An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service.
0
Attacker Value
Unknown
CVE-2020-10702
Disclosure Date: June 04, 2020 (last updated February 21, 2025)
A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU.
0
Attacker Value
Unknown
CVE-2020-13765
Disclosure Date: June 04, 2020 (last updated February 21, 2025)
rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.
0
Attacker Value
Unknown
CVE-2020-13800
Disclosure Date: June 04, 2020 (last updated February 21, 2025)
ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite recursion via a crafted mm_index value during an ati_mm_read or ati_mm_write call.
0
Attacker Value
Unknown
CVE-2020-13791
Disclosure Date: June 04, 2020 (last updated February 21, 2025)
hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.
0
Attacker Value
Unknown
CVE-2020-13754
Disclosure Date: June 02, 2020 (last updated February 21, 2025)
hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.
0
Attacker Value
Unknown
CVE-2020-13659
Disclosure Date: June 02, 2020 (last updated February 21, 2025)
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
0
Attacker Value
Unknown
CVE-2020-13362
Disclosure Date: May 28, 2020 (last updated February 21, 2025)
In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.
0