qemu vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the qemu package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L NULL Pointer Dereference	*
M Out-of-bounds Read	*
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u15
L NULL Pointer Dereference	*
M Out-of-Bounds	*
L Out-of-bounds Write	<1:2.1+dfsg-12+deb8u15
L Out-of-bounds Read	<1:2.1+dfsg-12+deb8u15
M Out-of-bounds Read	*
L Integer Overflow or Wraparound	*
M Use After Free	<1:2.1+dfsg-12+deb8u15
L Memory Leak	*
M Buffer Overflow	<1:2.1+dfsg-12+deb8u14
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u14
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u13
H Improper Check for Unusual or Exceptional Conditions	*
H Use After Free	<1:2.1+dfsg-12+deb8u12
M NULL Pointer Dereference	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u12
H Out-of-bounds Write	<1:2.1+dfsg-12+deb8u12
H CVE-2019-13164	<1:2.1+dfsg-12+deb8u12
C CVE-2019-12164	*
C OS Command Injection	*
C OS Command Injection	*
H NULL Pointer Dereference	<1:2.1+dfsg-12+deb8u12
H Integer Overflow or Wraparound	*
M Information Exposure	*
M CVE-2019-11091	*
M Information Exposure	*
M Information Exposure	*
C Out-of-Bounds	<1:2.1+dfsg-12+deb8u11
M Use of Uninitialized Resource	<1:2.1+dfsg-12+deb8u11
L Improper Data Handling	*
H Out-of-bounds Write	<1:2.1+dfsg-12+deb8u10
M Time-of-check Time-of-use (TOCTOU)	<1:2.1+dfsg-12+deb8u10
M Integer Overflow or Wraparound	*
M Race Condition	<1:2.1+dfsg-12+deb8u9
M Use After Free	<1:2.1+dfsg-12+deb8u9
M Out-of-bounds Read	<1:2.1+dfsg-12+deb8u11
M Integer Overflow or Wraparound	*
H Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u9
M Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u8
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u8
C Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u8
M CVE-2018-15746	*
H Improper Privilege Management	<2.1+dfsg-1
C Out-of-bounds Read	<1:2.1+dfsg-12+deb8u7
H Improper Input Validation	<2.1+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.1+dfsg-1
H Improper Input Validation	<2.0.0+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.0.0+dfsg-1
M Buffer Overflow	<1:2.1+dfsg-12+deb8u2
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u4
H Out-of-Bounds	<2.1+dfsg-1
C Out-of-Bounds	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u4
M Out-of-bounds Read	<2.1+dfsg-1
M Integer Overflow or Wraparound	<2.0.0+dfsg-1
C Out-of-bounds Read	<1:2.1+dfsg-12+deb8u7
H Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u10
H Out-of-bounds Write	<1:2.1+dfsg-12+deb8u11
H Link Following	<1:2.1+dfsg-12+deb8u7
H Out-of-bounds Read	<1:2.1+dfsg-12+deb8u7
M Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u7
M Out-of-bounds Read	<1:2.1+dfsg-12+deb8u7
M Out-of-bounds Read	<1:2.1+dfsg-12+deb8u7
M Use After Free	<2.1+dfsg-1
H Improper Input Validation	*
M Information Exposure	<1:2.1+dfsg-12+deb8u7
C Improper Input Validation	<1:2.1+dfsg-12+deb8u7
M NULL Pointer Dereference	<1:2.1+dfsg-12+deb8u5a
H Out-of-bounds Write	<1:2.1+dfsg-12+deb8u5a
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u7
M Race Condition	<1:2.1+dfsg-12+deb8u7
H Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u7
M Out-of-bounds Read	*
H Out-of-Bounds	<2.0.0+dfsg-1
M Divide By Zero	<2.0.0+dfsg-1
M NULL Pointer Dereference	<2.0.0+dfsg-1
H Integer Overflow or Wraparound	<2.0.0+dfsg-1
H CVE-2017-10664	<1:2.1+dfsg-12+deb8u8
M Out-of-bounds Read	*
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u7
M Out-of-bounds Read	<1:2.1+dfsg-12+deb8u7
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u7
M Information Exposure	<1:2.1+dfsg-12+deb8u7
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u12
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M NULL Pointer Dereference	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u7
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u7
H Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u7
H Incorrect Permission Assignment for Critical Resource	<1:2.1+dfsg-12+deb8u7
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u7
H Arbitrary Code Injection	*
M Out-of-bounds Read	<1:2.1+dfsg-12+deb8u7
M Resource Management Errors	<1:2.1+dfsg-12+deb8u5a
H Memory Leak	<1:2.1+dfsg-12+deb8u5a
H Out-of-bounds Write	<1:2.1+dfsg-12+deb8u5a
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u5a
H Out-of-bounds Write	<1:2.1+dfsg-12+deb8u7
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u5a
M Divide By Zero	<1:2.1+dfsg-12+deb8u5a
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u7
M Divide By Zero	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u7
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M Out-of-bounds Read	<1:2.1+dfsg-12+deb8u7
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u7
M Reachable Assertion	<1:2.1+dfsg-12+deb8u5a
M Improper Input Validation	<1:2.1+dfsg-12+deb8u5a
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M NULL Pointer Dereference	<1:2.1+dfsg-12+deb8u7
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M Out-of-bounds Read	*
H Out-of-bounds Read	<1:2.1+dfsg-12+deb8u5a
M NULL Pointer Dereference	<1:2.1+dfsg-12+deb8u5a
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u5a
M Memory Leak	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u7
M Divide By Zero	<1:2.1+dfsg-12+deb8u7
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u7
M Use After Free	*
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u7
M Excessive Iteration	<1:2.1+dfsg-12+deb8u8
M Directory Traversal	<1:2.1+dfsg-12+deb8u8
M Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u8
M Buffer Overflow	<1:2.1+dfsg-12+deb8u8
M Incorrect Type Conversion or Cast	<1:2.1+dfsg-12+deb8u8
M Improper Validation of Array Index	<1:2.1+dfsg-12+deb8u8
M CVE-2016-6835	<1:2.1+dfsg-12+deb8u7
M Improper Initialization	<1:2.1+dfsg-12+deb8u8
M Use After Free	<1:2.1+dfsg-12+deb8u7
M CVE-2016-7155	<1:2.1+dfsg-12+deb8u8
M Information Exposure	<1:2.1+dfsg-12+deb8u8
M Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u8
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u8
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u8
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u8
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u8
M Divide By Zero	<1:2.1+dfsg-12+deb8u7
M Missing Release of Resource after Effective Lifetime	<1:2.1+dfsg-12+deb8u8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u8
M Allocation of Resources Without Limits or Throttling	<1:2.1+dfsg-12+deb8u7
M Divide By Zero	<1:2.1+dfsg-12+deb8u7
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u8
M CVE-2016-8578	<1:2.1+dfsg-12+deb8u8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u8
C Out-of-bounds Write	<1:2.1+dfsg-12+deb8u8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u8
M CVE-2016-6351	<1:2.1+dfsg-12+deb8u8
M Out-of-bounds Read	<1:2.1+dfsg-12+deb8u8
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u8
M Use of Uninitialized Resource	<1:2.1+dfsg-12+deb8u8
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u8
M Resource Exhaustion	<1:2.1+dfsg-12+deb8u12
M Improper Input Validation	<1:2.1+dfsg-12+deb8u8
H Numeric Errors	<1:2.1+dfsg-12+deb8u8
M NULL Pointer Dereference	<1:2.1+dfsg-12+deb8u8
M CVE-2016-2392	<1:2.1+dfsg-12+deb8u8
H CVE-2016-5338	<1:2.1+dfsg-12+deb8u8
M CVE-2016-5337	<1:2.1+dfsg-12+deb8u8
M Out-of-bounds Write	<1:2.1+dfsg-12+deb8u8
M Out-of-Bounds	<1:2.1+dfsg-12+deb8u8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u8
H Out-of-bounds Write	<1:2.1+dfsg-12+deb8u12
M CVE-2016-4020	<1:2.1+dfsg-12+deb8u8
M Resource Exhaustion	<1:2.1+dfsg-12+deb8u8
H Buffer Overflow	<1:2.1+dfsg-12+deb8u8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.1+dfsg-12+deb8u5a
M Out-of-Bounds	<1:2.1+dfsg-12+deb8u8
M Out-of-Bounds	<1:2.1+dfsg-12+deb8u8
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u6
M Integer Overflow or Wraparound	<1:2.1+dfsg-12+deb8u6
C Buffer Overflow	<1:2.1+dfsg-12+deb8u8
H Improper Access Control	<1:2.1+dfsg-12+deb8u5a
H Use After Free	<1:2.1+dfsg-12+deb8u5a
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u8
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u5a
M Insufficient Entropy	<1:2.1+dfsg-12+deb8u8
H Resource Exhaustion	<1:2.1+dfsg-12
C Buffer Overflow	<1:2.1+dfsg-12+deb8u5a
M Out-of-Bounds	<1:2.1+dfsg-12+deb8u5a
H Divide By Zero	<1:2.1+dfsg-12+deb8u4
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u2
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u4
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u2
L Code	<1:2.1+dfsg-12+deb8u1
H Information Exposure	<1:2.1+dfsg-12+deb8u2
H Out-of-Bounds	<1:2.1+dfsg-12+deb8u2
H Out-of-bounds Write	<1:2.1+dfsg-12+deb8u1
H Access Restriction Bypass	<1:2.1+dfsg-12+deb8u1
M Access Restriction Bypass	<1:2.1+dfsg-12+deb8u1
M Resource Management Errors	<1:2.1+dfsg-12+deb8u1
M Incorrect Authorization	<1:2.1+dfsg-12+deb8u1
H Out-of-Bounds	<1:2.1+dfsg-12
M Resource Management Errors	<1:2.1+dfsg-12
M Access Restriction Bypass	<1:2.1+dfsg-12
H Improper Input Validation	<2.1+dfsg-8
M Out-of-Bounds	<2.1+dfsg-9
M Off-by-one Error	<2.1+dfsg-5
M Improper Input Validation	<2.1+dfsg-7
H Improper Privilege Management	<2.1+dfsg-6
M NULL Pointer Dereference	<2.1+dfsg-5
H Arbitrary Code Injection	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
M Numeric Errors	<2.0.0+dfsg-6
H Out-of-Bounds	<2.1+dfsg-1
H Arbitrary Code Injection	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Numeric Errors	<2.1+dfsg-1
H Numeric Errors	<2.0.0+dfsg-6
H Out-of-Bounds	<2.1+dfsg-1
H Arbitrary Code Injection	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
M Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
M Information Exposure	<2.1+dfsg-5
M Out-of-Bounds	<2.1+dfsg-1
M Improper Input Validation	<2.0.0+dfsg-1
H Numeric Errors	<2.0.0+dfsg-1
M Numeric Errors	<1.7.0+dfsg-8
H Out-of-Bounds	<0.15.1+dfsg-2
L Resource Management Errors	<1.7.0+dfsg-4
H Buffer Overflow	<1.6.0+dfsg-2
M Access Restriction Bypass	<1.5.0+dfsg-1
H Buffer Overflow	<1.1.2+dfsg-4
H Improper Input Validation	<1.1.2+dfsg-1
M CVE-2012-2652	<1.1.0+dfsg-1
C Resource Management Errors	<0.11.0-1
H Out-of-Bounds	<0.9.1+svn20081101-1
H Numeric Errors	<0.9.1-10
M Resource Management Errors	<0.9.1-9
H Link Following	<0.9.1-6
M CVE-2008-1945	<0.9.1-5
M Information Exposure	<0.9.1-5
M Access Restriction Bypass	<0.9.1+svn20081207-1
H CVE-2007-1321	<0.9.0-2
H Out-of-Bounds	<0.9.0-2
H Out-of-bounds Write	<0.9.0-2
M CVE-2007-1322	<0.9.0-2
M CVE-2007-1366	<0.9.0-2
H Out-of-bounds Write	<0.9.0-2