| Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-7539 | 5.0 |
An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during
|
12-02-2023 - 23:30 | 26-07-2018 - 14:29 | |
| CVE-2017-10664 | 5.0 |
qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting during a server-to-client reply attempt.
|
04-08-2021 - 17:15 | 02-08-2017 - 19:29 | |
| CVE-2017-14167 | 7.2 |
Integer overflow in the load_multiboot function in hw/i386/multiboot.c in QEMU (aka Quick Emulator) allows local guest OS users to execute arbitrary code on the host via crafted multiboot header address values, which trigger an out-of-bounds write.
|
16-11-2020 - 20:21 | 08-09-2017 - 18:29 | |
| CVE-2017-15289 | 2.1 |
The mode4and5 write functions in hw/display/cirrus_vga.c in Qemu allow local OS guest privileged users to cause a denial of service (out-of-bounds write access and Qemu process crash) via vectors related to dst calculation.
|
10-11-2020 - 18:53 | 16-10-2017 - 18:29 | |
| CVE-2017-11334 | 2.1 |
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest
|
10-11-2020 - 18:32 | 02-08-2017 - 19:29 |