CVE-2019-3812

Several security issues were fixed in QEMU ...

Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or information disclosure In addition this update backports support to passthrough the new md-clear CPU flag added in the intel-microcode update shipped in DSA 4447 to x86-based guests For the stabl ...

Debian Bug report logs - #922635 qemu: CVE-2019-3812 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 18 Feb 2019 17:12:01 UTC Severity: important Tags: security, upstream Found in versions qemu/1 ...

Debian Bug report logs - #929353 qemu: CVE-2019-12155: qxl: null pointer dereference while releasing speice resources Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 22 May 2019 08:03:02 UTC Sever ...

Debian Bug report logs - #901017 qemu: CVE-2018-11806: slirp: heap buffer overflow while reassembling fragmented datagrams Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 8 Jun 2018 03:42:01 UTC ...

Impact: Moderate Public Date: 2019-02-18 CWE: CWE-119 Bugzilla: 1665792: CVE-2019-3812 qemu: Out-of-bou ...

QEMU, through version 210 and through version 310, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddcc:i2c_ddc() function A local attacker with permission to execute i2c commands could exploit this to read stack memory of the qemu process on the host ...