qemu vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the qemu package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Use After Free	*
H Buffer Overflow	*
H Buffer Overflow	*
L Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-6+deb9u17
M Off-by-one Error	<1:2.8+dfsg-6+deb9u17
H Use After Free	*
H Use After Free	<1:2.8+dfsg-6+deb9u17
M Resource Exhaustion	*
H Out-of-bounds Write	<1:2.8+dfsg-6+deb9u15
H Release of Invalid Pointer or Reference	<1:2.8+dfsg-6+deb9u15
L Access of Uninitialized Pointer	<1:2.8+dfsg-6+deb9u15
L Access of Uninitialized Pointer	*
L Access of Uninitialized Pointer	<1:2.8+dfsg-6+deb9u15
L Access of Uninitialized Pointer	<1:2.8+dfsg-6+deb9u17
M Allocation of Resources Without Limits or Throttling	<1:2.8+dfsg-6+deb9u15
L Out-of-Bounds	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u14
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u14
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u14
M Out-of-Bounds	<1:2.8+dfsg-6+deb9u14
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u13
L Use After Free	<1:2.8+dfsg-6+deb9u14
H Use After Free	<1:2.8+dfsg-6+deb9u13
L Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u14
M NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u17
L Out-of-bounds Read	<1:2.8+dfsg-6+deb9u13
L Out-of-bounds Read	<1:2.8+dfsg-6+deb9u10
M NULL Pointer Dereference	*
M NULL Pointer Dereference	*
M NULL Pointer Dereference	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u13
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u13
L Reachable Assertion	<1:2.8+dfsg-6+deb9u12
M Reachable Assertion	<1:2.8+dfsg-6+deb9u12
L NULL Pointer Dereference	*
L NULL Pointer Dereference	*
L NULL Pointer Dereference	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u12
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u12
L Use After Free	<1:2.8+dfsg-6+deb9u13
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u12
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u11
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u14
L Reachable Assertion	<1:2.8+dfsg-6+deb9u11
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u10
L Use After Free	<1:2.8+dfsg-6+deb9u13
L NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u13
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u10
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u10
L NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u10
M Out-of-Bounds	<1:2.8+dfsg-6+deb9u10
L Out-of-bounds Write	<1:2.8+dfsg-6+deb9u10
L Out-of-bounds Read	<1:2.8+dfsg-6+deb9u10
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u11
M Use After Free	<1:2.8+dfsg-6+deb9u10
L Memory Leak	<1:2.8+dfsg-6+deb9u10
M Buffer Overflow	<1:2.8+dfsg-6+deb9u10
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u11
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u9
L Improper Check for Unusual or Exceptional Conditions	*
H Use After Free	<1:2.8+dfsg-6+deb9u9
L NULL Pointer Dereference	*
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u10
H Out-of-bounds Write	<1:2.8+dfsg-6+deb9u8
H CVE-2019-13164	<1:2.8+dfsg-6+deb9u8
L OS Command Injection	*
L OS Command Injection	*
H NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u6
L Integer Overflow or Wraparound	*
C Out-of-Bounds	<1:2.8+dfsg-6+deb9u8
M Use of Uninitialized Resource	<1:2.8+dfsg-6+deb9u6
L Improper Data Handling	*
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u6
H Out-of-bounds Write	<1:2.8+dfsg-6+deb9u6
M Time-of-check Time-of-use (TOCTOU)	<1:2.8+dfsg-6+deb9u6
L Integer Overflow or Wraparound	*
M Race Condition	<1:2.8+dfsg-6+deb9u6
M Use After Free	<1:2.8+dfsg-6+deb9u6
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u6
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u6
L Integer Overflow or Wraparound	*
H Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u6
M Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u5
H Out-of-Bounds	<1:2.8+dfsg-6+deb9u5
C Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u5
L CVE-2018-15746	*
H Improper Privilege Management	<1.5.0+dfsg-1
H Stack-based Buffer Overflow	<1:2.8+dfsg-3
L Improper Privilege Management	<2.1+dfsg-1
C Out-of-bounds Read	<1:2.8+dfsg-3
L Improper Input Validation	<2.1+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.1+dfsg-1
H Improper Input Validation	<2.0.0+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.0.0+dfsg-1
M Buffer Overflow	<1:2.4+dfsg-1a
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.4+dfsg-2
L Out-of-Bounds	<2.1+dfsg-1
C Out-of-Bounds	<1:2.8+dfsg-4
C Incorrect Permission Assignment for Critical Resource	<1:2.8+dfsg-5
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.4+dfsg-3
M Out-of-bounds Read	<2.1+dfsg-1
H Resource Exhaustion	<1:2.8+dfsg-6+deb9u4
M Integer Overflow or Wraparound	<2.0.0+dfsg-1
L Out-of-bounds Read	<1:2.8+dfsg-3
H Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u6
H Out-of-bounds Write	<1:2.8+dfsg-6+deb9u6
H Link Following	<1:2.8+dfsg-3
H Out-of-bounds Read	<1:2.8+dfsg-6+deb9u4
M Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u4
M Out-of-bounds Read	<1:2.8+dfsg-4
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u4
M Use After Free	<2.1+dfsg-1
H Improper Input Validation	<1:2.8+dfsg-6+deb9u4
M Information Exposure	<1:2.8+dfsg-6+deb9u4
M Divide By Zero	<1:2.8+dfsg-6+deb9u4
C Improper Input Validation	<1:2.8+dfsg-6+deb9u4
M NULL Pointer Dereference	<1:2.5+dfsg-1
H Out-of-bounds Write	<1:2.5+dfsg-1
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u4
H Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-6+deb9u4
M Race Condition	<1:2.8+dfsg-6+deb9u4
H Integer Overflow or Wraparound	<1:2.8+dfsg-6+deb9u3
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u3
H Use After Free	<1:2.8+dfsg-6+deb9u3
C Out-of-Bounds	<1:2.8+dfsg-5
M NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u3
M Divide By Zero	<2.0.0+dfsg-1
H Integer Overflow or Wraparound	<2.0.0+dfsg-1
M NULL Pointer Dereference	<2.0.0+dfsg-1
H Out-of-Bounds	<2.0.0+dfsg-1
H CVE-2017-10664	<1:2.8+dfsg-6+deb9u1
M Out-of-bounds Write	<1:2.8+dfsg-6+deb9u2
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u2
M Out-of-bounds Read	<1:2.8+dfsg-6+deb9u2
H Out-of-Bounds	<1:2.8+dfsg-4
H Improper Input Validation	<1:2.8+dfsg-6+deb9u2
M Information Exposure	<1:2.8+dfsg-6+deb9u1
M Memory Leak	<1:2.8+dfsg-6+deb9u1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u3
M NULL Pointer Dereference	<1:2.8+dfsg-6+deb9u10
M Memory Leak	<1:2.8+dfsg-6+deb9u1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-6+deb9u1
L Memory Leak	*
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-5
H Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-5
H Incorrect Permission Assignment for Critical Resource	<1:2.8+dfsg-6
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-5
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-5
L Arbitrary Code Injection	*
M Out-of-bounds Read	<1:2.8+dfsg-4
H Memory Leak	<1:2.5+dfsg-3
H Out-of-bounds Write	<1:2.5+dfsg-5
M Resource Management Errors	<1:2.5+dfsg-1
M Divide By Zero	<1:2.5+dfsg-1
M Out-of-bounds Write	<1:2.5+dfsg-3
H Out-of-bounds Write	<1:2.5+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.5+dfsg-3
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-4
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-3
H Integer Overflow or Wraparound	<1:2.8+dfsg-3
M Divide By Zero	<1:2.8+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-3
H Buffer Overflow	<1:2.8+dfsg-3
L Memory Leak	<1:2.8+dfsg-3
M Memory Leak	<1:2.8+dfsg-3
M Out-of-bounds Read	<1:2.8+dfsg-3
M Integer Overflow or Wraparound	<1:2.8+dfsg-3
L Memory Leak	*
L Memory Leak	<1:2.8+dfsg-2
M Memory Leak	<1:2.8+dfsg-2
M Memory Leak	<1:2.8+dfsg-3
M Memory Leak	<1:2.8+dfsg-2
L Memory Leak	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-4
M Out-of-bounds Read	<1:2.7+dfsg-1
L Out-of-bounds Read	*
M NULL Pointer Dereference	<1:2.6+dfsg-1
M Improper Input Validation	<1:2.5+dfsg-1
M Information Exposure	<1:2.8+dfsg-1
M Out-of-Bounds	<1:2.8+dfsg-1
M CVE-2015-8818	<1:2.4+dfsg-1a
M Memory Leak	<1:2.8+dfsg-1
M Memory Leak	<1:2.8+dfsg-1
M Memory Leak	<1:2.8+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
H Out-of-bounds Read	<1:2.5+dfsg-2
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.5+dfsg-5
M Out-of-bounds Read	<1:2.4+dfsg-1a
M NULL Pointer Dereference	<1:2.6+dfsg-1
M NULL Pointer Dereference	<1:2.5+dfsg-4
M Reachable Assertion	<1:2.5+dfsg-1
M Off-by-one Error	<1:2.5+dfsg-3
M Memory Leak	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Use After Free	<1:2.8+dfsg-1
L Information Exposure	<1:2.8+dfsg-1
M Divide By Zero	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Use After Free	<1:2.6+dfsg-3.1
M CVE-2016-7157	<1:2.6+dfsg-3.1
M Incorrect Type Conversion or Cast	<1:2.6+dfsg-3.1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Improper Initialization	<1:2.6+dfsg-3.1
M Buffer Overflow	<1:2.6+dfsg-3.1
M CVE-2016-7155	<1:2.6+dfsg-3.1
M Buffer Overflow	<1:2.6+dfsg-3.1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Improper Validation of Array Index	<1:2.8+dfsg-1
M CVE-2016-4964	<1:2.6+dfsg-2
M Integer Overflow or Wraparound	<1:2.6+dfsg-3.1
M Missing Release of Resource after Effective Lifetime	<1:2.7+dfsg-1
M Buffer Overflow	<1:2.7+dfsg-1
M Directory Traversal	<1:2.6+dfsg-3.1
M CVE-2016-6835	<1:2.6+dfsg-3.1
M Excessive Iteration	<1:2.7+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Information Exposure	<1:2.8+dfsg-1
M Integer Overflow or Wraparound	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Divide By Zero	<1:2.8+dfsg-4
M CVE-2016-8578	<1:2.8+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
M Buffer Overflow	<1:2.8+dfsg-1
M Missing Release of Resource after Effective Lifetime	<1:2.8+dfsg-1
M Allocation of Resources Without Limits or Throttling	<1:2.8+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
M Divide By Zero	<1:2.8+dfsg-1
M CVE-2016-7423	<1:2.7+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
M Improper Input Validation	<1:2.8+dfsg-3
C Out-of-bounds Write	<1:2.7+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.8+dfsg-1
M CVE-2016-6351	<1:2.6+dfsg-3.1
M Use of Uninitialized Resource	<1:2.6+dfsg-2
M Out-of-bounds Write	<1:2.6+dfsg-2
M Out-of-bounds Write	<1:2.6+dfsg-2
M Out-of-bounds Read	<1:2.6+dfsg-2
M Resource Exhaustion	<1:2.6+dfsg-3.1
M Improper Input Validation	<1:2.6+dfsg-1
M CVE-2016-2392	<1:2.6+dfsg-1
H Numeric Errors	<1:2.6+dfsg-1
M NULL Pointer Dereference	<1:2.6+dfsg-1
H CVE-2016-5338	<1:2.6+dfsg-2
M Out-of-bounds Write	<1:2.6+dfsg-3
M CVE-2016-5337	<1:2.6+dfsg-2
H Out-of-bounds Write	<1:2.6+dfsg-2
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.6+dfsg-3
M Out-of-Bounds	<1:2.6+dfsg-3
M CVE-2016-4020	<1:2.6+dfsg-2
M Resource Exhaustion	<1:2.6+dfsg-1
H Buffer Overflow	<1:2.6+dfsg-1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:2.5+dfsg-2
M Out-of-Bounds	<1:2.6+dfsg-2
M Out-of-Bounds	<1:2.6+dfsg-2
M Integer Overflow or Wraparound	<1:2.6+dfsg-1
H Out-of-Bounds	<1:2.6+dfsg-1
C Buffer Overflow	<1:2.6+dfsg-2
H Improper Access Control	<1:2.5+dfsg-2
H Out-of-Bounds	<1:2.6+dfsg-1
H Use After Free	<1:2.5+dfsg-2
M Out-of-bounds Write	<1:2.4+dfsg-1a
H Out-of-Bounds	<1:2.5+dfsg-4
M Insufficient Entropy	<1:2.6+dfsg-1
H Resource Exhaustion	<1:2.3+dfsg-1
C Buffer Overflow	<1:2.5+dfsg-1
M Out-of-Bounds	<1:2.4+dfsg-4
H Divide By Zero	<1:2.4+dfsg-2
H Out-of-Bounds	<1:2.4+dfsg-1a
H Out-of-Bounds	<1:2.4+dfsg-3
H Out-of-Bounds	<1:2.4+dfsg-1a
L Code	<1:2.3+dfsg-5
H Information Exposure	<1:2.4+dfsg-1a
H Access Restriction Bypass	<1:2.4+dfsg-1a
H Out-of-Bounds	<1:2.4+dfsg-1a
H Out-of-bounds Write	<1:2.3+dfsg-6
H Access Restriction Bypass	<1:2.3+dfsg-5
M Resource Management Errors	<1:2.3+dfsg-5
M Incorrect Authorization	<1:2.3+dfsg-5
M Access Restriction Bypass	<1:2.3+dfsg-5
H Out-of-Bounds	<1:2.3+dfsg-3
L Resource Management Errors	<1:2.3+dfsg-1
M Access Restriction Bypass	<1:2.3+dfsg-3
L Improper Input Validation	<2.1+dfsg-8
M Out-of-Bounds	<2.1+dfsg-9
M Off-by-one Error	<2.1+dfsg-5
H Improper Privilege Management	<2.1+dfsg-6
M Improper Input Validation	<2.1+dfsg-7
M NULL Pointer Dereference	<2.1+dfsg-5
H Out-of-Bounds	<2.1+dfsg-1
H Numeric Errors	<2.0.0+dfsg-6
L Numeric Errors	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Arbitrary Code Injection	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Arbitrary Code Injection	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
M Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
M Numeric Errors	<2.0.0+dfsg-6
L Arbitrary Code Injection	<2.1+dfsg-1
L Out-of-Bounds	<2.1+dfsg-1
M Information Exposure	<2.1+dfsg-5
M Out-of-Bounds	<2.1+dfsg-1
M Improper Input Validation	<2.0.0+dfsg-1
H Numeric Errors	<2.0.0+dfsg-1
M Numeric Errors	<1.7.0+dfsg-8
H Out-of-Bounds	<0.15.1+dfsg-2
L Resource Management Errors	<1.7.0+dfsg-1
L Resource Management Errors	<1.7.0+dfsg-4
L Buffer Overflow	<1.6.0+dfsg-2
L Access Restriction Bypass	<1.5.0+dfsg-1
H Buffer Overflow	<1.1.2+dfsg-4
H Improper Input Validation	<1.1.2+dfsg-1
M CVE-2012-2652	<1.1.0+dfsg-1
M Resource Management Errors	<0.11.0-1
L Out-of-Bounds	<0.9.1+svn20081101-1
M Resource Management Errors	<0.9.1-9
L Numeric Errors	<0.9.1-10
L Link Following	<0.9.1-6
L CVE-2008-1945	<0.9.1-5
M Information Exposure	<0.9.1-5
L Access Restriction Bypass	<0.9.1+svn20081207-1
H Out-of-bounds Write	<0.9.0-2
H Out-of-Bounds	<0.9.0-2
H CVE-2007-1321	<0.9.0-2
H Out-of-bounds Write	<0.9.0-2
M CVE-2007-1322	<0.9.0-2
M CVE-2007-1366	<0.9.0-2