Qemu: >> Qemu >> 2.8.1.1 Security Vulnerabilities
The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value.
CVSS Score
6.0
EPSS Score
0.001
Published
2016-11-04
The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
CVSS Score
4.4
EPSS Score
0.001
Published
2016-10-05
Page 16