Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qemu qemu 6.1.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-4145
A NULL pointer dereference issue was found in the block mirror layer of QEMU in versions before 6.2.0. The `self` pointer is dereferenced in mirror_wait_on_conflicts() without ensuring that it's not NULL. A malicious unprivileged user within the guest could use this flaw to ...
Qemu Qemu 6.1.0
Redhat Enterprise Linux 8.0
8.5
CVSSv3
CVE-2021-3682
A flaw was found in the USB redirector device emulation of QEMU in versions before 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with ...
Qemu Qemu 6.1.0
Qemu Qemu
Redhat Enterprise Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.4
CVSSv3
CVE-2021-3735
A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahci_reset_port) while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. A privileged user inside the guest could use this flaw to hang the Q...
Qemu Qemu 6.1.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
6
CVSSv3
CVE-2021-3608
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions before 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest and may result in a crash of QEMU or cause undefined behavior due to the access of ...
Qemu Qemu
Debian Debian Linux 10.0
Fedoraproject Fedora 34
6
CVSSv3
CVE-2021-3607
An integer overflow was found in the QEMU implementation of VMWare's paravirtual RDMA device in versions before 6.1.0. The issue occurs while handling a "PVRDMA_REG_DSRHIGH" write from the guest due to improper input validation. This flaw allows a privileged guest ...
Qemu Qemu
Debian Debian Linux 10.0
Fedoraproject Fedora 34
NA
CVE-2015-4106
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly have other unspecified impact vi...
Qemu Qemu
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Suse Linux Enterprise Server 11
Suse Linux Enterprise Desktop 11
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Desktop 12
Citrix Xenserver 6.0.2
Citrix Xenserver 6.0
Citrix Xenserver 6.1.0
Citrix Xenserver 6.5
Citrix Xenserver 6.2.0
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
6.5
CVSSv3
CVE-2020-12430
An issue exists in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x prior to 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unpri...
Redhat Libvirt
Redhat Enterprise Linux 8.0
NA
CVE-2023-52761
In the Linux kernel, the following vulnerability has been resolved: riscv: VMAP_STACK overflow detection thread-safe commit 31da94c25aea ("riscv: add VMAP_STACK overflow detection") added support for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to `shadow_st...
7.1
CVSSv3
CVE-2024-26597
In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a *bigger* maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. See bug trace below: ====...
Linux Linux Kernel
NA
CVE-2024-26608
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix global oob in ksmbd_nl_policy Similar to a reported issue (check the commit b33fb5b801c6 ("net: qualcomm: rmnet: fix global oob in rmnet_policy"), my local fuzzer finds another global out-of-...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started