QEMU 9.0.0

CPE Details

QEMU 9.0.0
9.0.0
2024-08-01
16h26 +00:00
2024-08-01
16h26 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:qemu:qemu:9.0.0:*:*:*:*:*:*:*

Informations

Vendor

qemu

Product

qemu

Version

9.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-1386 2023-07-24 15h19 +00:00 A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the guest to elevate their privileges within the guest and help a host local user to elevate privileges on the host.
7.8
High
CVE-2021-20255 2021-03-09 18h14 +00:00 A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.5
Medium
CVE-2017-5957 2017-03-14 13h00 +00:00 Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU), allows a local guest users to cause a denial of service (application crash) via the "nr_cbufs" argument.
5.5
Medium