Redhat Virtualization
40 CVEs affecting Redhat Virtualization. Latest disclosed: 2023-10-03. Critical: 2, High: 10.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-9214 | Critical | 9.8 | 2017-05-23 | In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integ… |
CVE-2015-7512 | Critical | 9.0 | 2016-01-08 | Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of servic… |
CVE-2016-3710 | High | 8.8 | 2016-05-11 | The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary co… |
CVE-2016-1568 | High | 8.8 | 2016-04-12 | Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance… |
CVE-2015-1779 | High | 8.6 | 2016-01-12 | The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or… |
CVE-2016-2857 | High | 8.4 | 2016-04-12 | The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via… |
CVE-2023-4911 | High | 7.8 | 2023-10-03 | A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a… |
CVE-2017-7980 | High | 7.8 | 2017-07-25 | Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or c… |
CVE-2016-5126 | High | 7.8 | 2016-06-01 | Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process cras… |
CVE-2018-17958 | High | 7.5 | 2018-10-09 | Qemu has a Buffer Overflow in rtl8139_do_receive in hw/net/rtl8139.c because an incorrect integer data type is used. |
CVE-2017-10664 | High | 7.5 | 2017-08-02 | qemu-nbd in QEMU (aka Quick Emulator) does not ignore SIGPIPE, which allows remote attackers to cause a denial of service (daemon crash) by disconnecting durin… |
CVE-2009-4272 | High | 7.5 | 2010-01-27 | A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of servi… |
CVE-2016-9921 | Medium | 6.5 | 2016-12-23 | Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when… |
CVE-2016-9911 | Medium | 6.5 | 2016-12-23 | Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_i… |
CVE-2016-9907 | Medium | 6.5 | 2016-12-23 | Quick Emulator (Qemu) built with the USB redirector usb-guest support is vulnerable to a memory leakage flaw. It could occur while destroying the USB redirecto… |
CVE-2016-4020 | Medium | 6.5 | 2016-05-25 | The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensi… |
CVE-2016-7466 | Medium | 6.0 | 2016-12-10 | Memory leak in the usb_xhci_exit function in hw/usb/hcd-xhci.c in QEMU (aka Quick Emulator), when the xhci uses msix, allows local guest OS administrators to c… |
CVE-2016-7422 | Medium | 6.0 | 2016-12-10 | The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL poin… |
CVE-2016-6835 | Medium | 6.0 | 2016-12-10 | The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of servi… |
CVE-2016-8910 | Medium | 6.0 | 2016-11-04 | The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinit… |