Shodan
Vulnerabilities
Vulnerable Software
Qemu:  >> Qemu  >> 0.2.0  Security Vulnerabilities
CVE-2016-6835
The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.
CVSS Score
6.0
EPSS Score
0.001
Published
2016-12-10
CVE-2016-6834
The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.
CVSS Score
4.4
EPSS Score
0.001
Published
2016-12-10
CVE-2016-6833
Use-after-free vulnerability in the vmxnet3_io_bar0_write function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU instance crash) by leveraging failure to check if the device is active.
CVSS Score
4.4
EPSS Score
0.001
Published
2016-12-10
CVE-2016-6490
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.
CVSS Score
4.4
EPSS Score
0.001
Published
2016-12-10
CVE-2016-4964
The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU process crash) via vectors involving s->state.
CVSS Score
6.0
EPSS Score
0.001
Published
2016-12-10
CVE-2016-9106
Memory leak in the v9fs_write function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) by leveraging failure to free an IO vector.
CVSS Score
6.0
EPSS Score
0.001
Published
2016-12-09
CVE-2016-9105
Memory leak in the v9fs_link function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption) via vectors involving a reference to the source fid object.
CVSS Score
6.0
EPSS Score
0.001
Published
2016-12-09
CVE-2016-9104
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.
CVSS Score
4.4
EPSS Score
0.001
Published
2016-12-09
CVE-2016-9103
The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host heap memory information by reading xattribute values before writing to them.
CVSS Score
6.0
EPSS Score
0.001
Published
2016-12-09
CVE-2016-9102
Memory leak in the v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) via a large number of Txattrcreate messages with the same fid number.
CVSS Score
6.0
EPSS Score
0.001
Published
2016-12-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved