qemu vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the qemu package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Use After Free	*
H Buffer Overflow	*
H Buffer Overflow	*
L Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-6+deb9u17
M Off-by-one Error	<1:2.8+dfsg-6+deb9u17
H Use After Free	*
H Use After Free	<1:2.8+dfsg-6+deb9u17
M Resource Exhaustion	*
H Out-of-bounds Write	<1:2.8+dfsg-6+deb9u15
H Release of Invalid Pointer or Reference	<1:2.8+dfsg-6+deb9u15
L Access of Uninitialized Pointer	<1:2.8+dfsg-6+deb9u15
L Access of Uninitialized Pointer	*
L Access of Uninitialized Pointer	<1:2.8+dfsg-6+deb9u15
L Access of Uninitialized Pointer	<1:2.8+dfsg-6+deb9u17
M Allocation of Resources Without Limits or Throttling	<1:2.8+dfsg-6+deb9u15
L Out-of-Bounds	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u14
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u14
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u14
M Out-of-Bounds	<1:2.8+dfsg-6+deb9u14
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u13
L Use After Free	<1:2.8+dfsg-6+deb9u14
H Use After Free	<1:2.8+dfsg-6+deb9u13
L Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u14
M NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u17
L Out-of-bounds Read	<1:2.8+dfsg-6+deb9u13
L Out-of-bounds Read	<1:2.8+dfsg-6+deb9u10
M NULL Pointer Dereference	*
M NULL Pointer Dereference	*
M NULL Pointer Dereference	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u13
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u13
L Reachable Assertion	<1:2.8+dfsg-6+deb9u12
M Reachable Assertion	<1:2.8+dfsg-6+deb9u12
L NULL Pointer Dereference	*
L NULL Pointer Dereference	*
L NULL Pointer Dereference	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u12
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u12
L Use After Free	<1:2.8+dfsg-6+deb9u13
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u12
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u11
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u14
L Reachable Assertion	<1:2.8+dfsg-6+deb9u11
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u10
L Use After Free	<1:2.8+dfsg-6+deb9u13
L NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u13
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u10
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u10
L NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u10
M Out-of-Bounds	<1:2.8+dfsg-6+deb9u10
L Out-of-bounds Write	<1:2.8+dfsg-6+deb9u10
L Out-of-bounds Read	<1:2.8+dfsg-6+deb9u10
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u11
M Use After Free	<1:2.8+dfsg-6+deb9u10
L Memory Leak	<1:2.8+dfsg-6+deb9u10
M Buffer Overflow	<1:2.8+dfsg-6+deb9u10
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u11
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u9
L Improper Check for Unusual or Exceptional Conditions	*
H Use After Free	<1:2.8+dfsg-6+deb9u9
L NULL Pointer Dereference	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u10
H Out-of-bounds Write	<1:2.8+dfsg-6+deb9u8
H CVE-2019-13164	<1:2.8+dfsg-6+deb9u8
L OS Command Injection	*
L OS Command Injection	*
H NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u6
L Integer Overflow or Wraparound	*
C Out-of-Bounds	<1:2.8+dfsg-6+deb9u8
M Use of Uninitialized Resource	<1:2.8+dfsg-6+deb9u6
L Improper Data Handling	*
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u6
H Out-of-bounds Write	<1:2.8+dfsg-6+deb9u6
M Time-of-check Time-of-use (TOCTOU)	<1:2.8+dfsg-6+deb9u6
L Integer Overflow or Wraparound	*
M Race Condition	<1:2.8+dfsg-6+deb9u6
M Use After Free	<1:2.8+dfsg-6+deb9u6
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u6
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u6
L Integer Overflow or Wraparound	*
H Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u6
M Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u5
H Out-of-Bounds	<1:2.8+dfsg-6+deb9u5
C Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u5
L CVE-2018-15746	*
H Improper Privilege Management	<1.5.0+dfsg-1
H Stack-based Buffer Overflow	<1:2.8+dfsg-3
L Improper Privilege Management	<2.1+dfsg-1
C Out-of-bounds Read	<1:2.8+dfsg-3
L Improper Input Validation	<2.1+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.1+dfsg-1
H Improper Input Validation	<2.0.0+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.0.0+dfsg-1
M Buffer Overflow	<1:2.4+dfsg-1a
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.4+dfsg-2
L Out-of-Bounds	<2.1+dfsg-1
C Out-of-Bounds	<1:2.8+dfsg-4
C Incorrect Permission Assignment for Critical Resource	<1:2.8+dfsg-5
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.4+dfsg-3
M Out-of-bounds Read	<2.1+dfsg-1
H Resource Exhaustion	<1:2.8+dfsg-6+deb9u4
M Integer Overflow or Wraparound	<2.0.0+dfsg-1
L Out-of-bounds Read	<1:2.8+dfsg-3
H Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u6
H Out-of-bounds Write	<1:2.8+dfsg-6+deb9u6
H Link Following	<1:2.8+dfsg-3
H Out-of-bounds Read	<1:2.8+dfsg-6+deb9u4
M Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u4
M Out-of-bounds Read	<1:2.8+dfsg-4
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u4
M Use After Free	<2.1+dfsg-1
H Improper Input Validation	<1:2.8+dfsg-6+deb9u4
M Information Exposure	<1:2.8+dfsg-6+deb9u4
M Divide By Zero	<1:2.8+dfsg-6+deb9u4
C Improper Input Validation	<1:2.8+dfsg-6+deb9u4
M NULL Pointer Dereference	<1:2.5+dfsg-1
H Out-of-bounds Write	<1:2.5+dfsg-1
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u4
H Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-6+deb9u4
M Race Condition	<1:2.8+dfsg-6+deb9u4
H Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u3
H Use After Free	<1:2.8+dfsg-6+deb9u3
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u3
C Out-of-Bounds	<1:2.8+dfsg-5
M NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u3
H Integer Overflow or Wraparound	<2.0.0+dfsg-1
M Divide By Zero	<2.0.0+dfsg-1
H Out-of-Bounds	<2.0.0+dfsg-1
M NULL Pointer Dereference	<2.0.0+dfsg-1
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u2
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u2
H CVE-2017-10664	<1:2.8+dfsg-6+deb9u1
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u2
H Out-of-Bounds	<1:2.8+dfsg-4
H Improper Input Validation	<1:2.8+dfsg-6+deb9u2
M Information Exposure	<1:2.8+dfsg-6+deb9u1
M NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u10
M Memory Leak	<1:2.8+dfsg-6+deb9u1
M Memory Leak	<1:2.8+dfsg-6+deb9u1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u3
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u1
L Memory Leak	*
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-5
H Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-5
H Incorrect Permission Assignment for Critical Resource	<1:2.8+dfsg-6
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-5
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-5
L Arbitrary Code Injection	*
M Out-of-bounds Read	<1:2.8+dfsg-4
M Resource Management Errors	<1:2.5+dfsg-1
H Memory Leak	<1:2.5+dfsg-3
H Out-of-bounds Write	<1:2.5+dfsg-5
M Divide By Zero	<1:2.5+dfsg-1
H Out-of-bounds Write	<1:2.5+dfsg-1
M Out-of-bounds Write	<1:2.5+dfsg-3
M Missing Release of Resource after Effective Lifetime	<1:2.5+dfsg-3
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-4
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-3
M Divide By Zero	<1:2.8+dfsg-1
H Integer Overflow or Wraparound	<1:2.8+dfsg-3
H Buffer Overflow	<1:2.8+dfsg-3
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-3
M Memory Leak	<1:2.8+dfsg-3
M Out-of-bounds Read	<1:2.8+dfsg-3
L Memory Leak	<1:2.8+dfsg-3
M Integer Overflow or Wraparound	<1:2.8+dfsg-3
M Memory Leak	<1:2.8+dfsg-2
L Memory Leak	*
M Memory Leak	<1:2.8+dfsg-2
L Memory Leak	<1:2.8+dfsg-2
M Memory Leak	<1:2.8+dfsg-3
L Memory Leak	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-4
L Out-of-bounds Read	*
M Out-of-bounds Read	<1:2.7+dfsg-1
M NULL Pointer Dereference	<1:2.6+dfsg-1
M Improper Input Validation	<1:2.5+dfsg-1
M Out-of-Bounds	<1:2.8+dfsg-1
M CVE-2015-8818	<1:2.4+dfsg-1a
M Memory Leak	<1:2.8+dfsg-1
M Out-of-bounds Read	<1:2.4+dfsg-1a
M Reachable Assertion	<1:2.5+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.5+dfsg-5
M NULL Pointer Dereference	<1:2.5+dfsg-4
M NULL Pointer Dereference	<1:2.6+dfsg-1
M Information Exposure	<1:2.8+dfsg-1
M Memory Leak	<1:2.8+dfsg-1
M Memory Leak	<1:2.8+dfsg-1
H Out-of-bounds Read	<1:2.5+dfsg-2
M Memory Leak	<1:2.8+dfsg-1
M Off-by-one Error	<1:2.5+dfsg-3
L Information Exposure	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Use After Free	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Divide By Zero	<1:2.8+dfsg-1
M Improper Initialization	<1:2.6+dfsg-3.1
M Buffer Overflow	<1:2.6+dfsg-3.1
M Incorrect Type Conversion or Cast	<1:2.6+dfsg-3.1
M CVE-2016-7157	<1:2.6+dfsg-3.1
M CVE-2016-7155	<1:2.6+dfsg-3.1
M CVE-2016-4964	<1:2.6+dfsg-2
M Use After Free	<1:2.6+dfsg-3.1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Excessive Iteration	<1:2.7+dfsg-1
M Integer Overflow or Wraparound	<1:2.6+dfsg-3.1
M Missing Release of Resource after Effective Lifetime	<1:2.7+dfsg-1
M Directory Traversal	<1:2.6+dfsg-3.1
M Buffer Overflow	<1:2.7+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M CVE-2016-6835	<1:2.6+dfsg-3.1
M Buffer Overflow	<1:2.6+dfsg-3.1
M Improper Validation of Array Index	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Integer Overflow or Wraparound	<1:2.8+dfsg-1
M Information Exposure	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
M Divide By Zero	<1:2.8+dfsg-4
M CVE-2016-8578	<1:2.8+dfsg-1
M Divide By Zero	<1:2.8+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
M Buffer Overflow	<1:2.8+dfsg-1
M Allocation of Resources Without Limits or Throttling	<1:2.8+dfsg-1
M CVE-2016-7423	<1:2.7+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
M Improper Input Validation	<1:2.8+dfsg-3
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
C Out-of-bounds Write	<1:2.7+dfsg-1
M CVE-2016-6351	<1:2.6+dfsg-3.1
M Out-of-bounds Write	<1:2.6+dfsg-2
M Out-of-bounds Read	<1:2.6+dfsg-2
M Out-of-bounds Write	<1:2.6+dfsg-2
M Use of Uninitialized Resource	<1:2.6+dfsg-2
M Resource Exhaustion	<1:2.6+dfsg-3.1
M Improper Input Validation	<1:2.6+dfsg-1
M CVE-2016-2392	<1:2.6+dfsg-1
M NULL Pointer Dereference	<1:2.6+dfsg-1
H Numeric Errors	<1:2.6+dfsg-1
M CVE-2016-5337	<1:2.6+dfsg-2
H CVE-2016-5338	<1:2.6+dfsg-2
M Out-of-bounds Write	<1:2.6+dfsg-3
M Out-of-Bounds	<1:2.6+dfsg-3
H Out-of-bounds Write	<1:2.6+dfsg-2
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.6+dfsg-3
M CVE-2016-4020	<1:2.6+dfsg-2
M Resource Exhaustion	<1:2.6+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.5+dfsg-2
H Buffer Overflow	<1:2.6+dfsg-1
M Out-of-Bounds	<1:2.6+dfsg-2
M Out-of-Bounds	<1:2.6+dfsg-2
H Out-of-Bounds	<1:2.6+dfsg-1
M Integer Overflow or Wraparound	<1:2.6+dfsg-1
C Buffer Overflow	<1:2.6+dfsg-2
H Improper Access Control	<1:2.5+dfsg-2
H Use After Free	<1:2.5+dfsg-2
H Out-of-Bounds	<1:2.6+dfsg-1
M Out-of-bounds Write	<1:2.4+dfsg-1a
H Out-of-Bounds	<1:2.5+dfsg-4
M Insufficient Entropy	<1:2.6+dfsg-1
H Resource Exhaustion	<1:2.3+dfsg-1
C Buffer Overflow	<1:2.5+dfsg-1
M Out-of-Bounds	<1:2.4+dfsg-4
H Divide By Zero	<1:2.4+dfsg-2
H Out-of-Bounds	<1:2.4+dfsg-1a
H Out-of-Bounds	<1:2.4+dfsg-3
H Out-of-Bounds	<1:2.4+dfsg-1a
L Code	<1:2.3+dfsg-5
H Access Restriction Bypass	<1:2.4+dfsg-1a
H Information Exposure	<1:2.4+dfsg-1a
H Out-of-Bounds	<1:2.4+dfsg-1a
H Out-of-bounds Write	<1:2.3+dfsg-6
M Incorrect Authorization	<1:2.3+dfsg-5
M Resource Management Errors	<1:2.3+dfsg-5
H Access Restriction Bypass	<1:2.3+dfsg-5
M Access Restriction Bypass	<1:2.3+dfsg-5
H Out-of-Bounds	<1:2.3+dfsg-3
L Resource Management Errors	<1:2.3+dfsg-1
M Access Restriction Bypass	<1:2.3+dfsg-3
L Improper Input Validation	<2.1+dfsg-8
M Out-of-Bounds	<2.1+dfsg-9
M Off-by-one Error	<2.1+dfsg-5
M Improper Input Validation	<2.1+dfsg-7
H Improper Privilege Management	<2.1+dfsg-6
M NULL Pointer Dereference	<2.1+dfsg-5
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
M Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
M Numeric Errors	<2.0.0+dfsg-6
L Arbitrary Code Injection	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Arbitrary Code Injection	<2.1+dfsg-1
H Out-of-Bounds	<2.1+dfsg-1
L Arbitrary Code Injection	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Numeric Errors	<2.1+dfsg-1
H Numeric Errors	<2.0.0+dfsg-6
L Out-of-Bounds	<2.1+dfsg-1
M Information Exposure	<2.1+dfsg-5
M Out-of-Bounds	<2.1+dfsg-1
M Improper Input Validation	<2.0.0+dfsg-1
H Numeric Errors	<2.0.0+dfsg-1
M Numeric Errors	<1.7.0+dfsg-8
H Out-of-Bounds	<0.15.1+dfsg-2
L Resource Management Errors	<1.7.0+dfsg-1
L Resource Management Errors	<1.7.0+dfsg-4
L Buffer Overflow	<1.6.0+dfsg-2
L Access Restriction Bypass	<1.5.0+dfsg-1
H Buffer Overflow	<1.1.2+dfsg-4
H Improper Input Validation	<1.1.2+dfsg-1
M CVE-2012-2652	<1.1.0+dfsg-1
M Resource Management Errors	<0.11.0-1
L Out-of-Bounds	<0.9.1+svn20081101-1
M Resource Management Errors	<0.9.1-9
L Numeric Errors	<0.9.1-10
L Link Following	<0.9.1-6
L CVE-2008-1945	<0.9.1-5
M Information Exposure	<0.9.1-5
L Access Restriction Bypass	<0.9.1+svn20081207-1
H Out-of-bounds Write	<0.9.0-2
H CVE-2007-1321	<0.9.0-2
H Out-of-Bounds	<0.9.0-2
M CVE-2007-1366	<0.9.0-2
H Out-of-bounds Write	<0.9.0-2
M CVE-2007-1322	<0.9.0-2