qemu

Top products

The 15 most recently published vulnerabilities affecting qemu.

• CVE-2025-54567hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327.4.2Jul 25, 2025
• CVE-2025-54566hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327.4.2Jul 25, 2025
• CVE-2024-7730Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb()7.4Nov 14, 2024
• CVE-2024-3447Qemu: sdhci: heap buffer overflow in sdhci_write_dataport()6.0Nov 14, 2024
• CVE-2024-6519Qemu: scsi: lsi53c895a: use-after-free local privilege escalation vulnerability8.2Oct 21, 2024
• CVE-2024-8354Qemu-kvm: usb: assertion failure in usb_ep_get()5.5Sep 19, 2024
• CVE-2024-6505Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss6.8Jul 5, 2024
• CVE-2024-3567Qemu-kvm: net: assertion failure in update_sctp_checksum()5.5Apr 10, 2024
• CVE-2024-24474QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs ...8.8Feb 20, 2024
• CVE-2024-26328An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled.6.0Feb 19, 2024
• CVE-2024-26327An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in ...5.3Feb 19, 2024
• CVE-2023-6683Qemu: vnc: null pointer dereference in qemu_clipboard_request()6.5Jan 12, 2024
• CVE-2023-6693Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx()4.9Jan 2, 2024
• CVE-2023-2861Qemu: 9pfs: improper access control on special files6.0Dec 6, 2023
• CVE-2023-5088Qemu: improper ide controller reset can lead to mbr overwrite6.4Nov 3, 2023