qemu-vgabios vulnerabilities

Known vulnerabilities in the qemu-vgabios package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Information Exposure	<1.11.0-9.4.1
H Out-of-bounds Read	<1.11.0-9.4.1
M Out-of-bounds Write	<1.11.0-9.4.1
M Integer Overflow or Wraparound	<1.11.0-9.9.1
M Integer Overflow or Wraparound	<1.11.0-9.12.2
M Out-of-bounds Read	<1.11.0-9.12.2
M Out-of-Bounds	<1.11.0-9.12.2
M Integer Overflow or Wraparound	<1.11.0-9.12.2
M Out-of-bounds Read	<1.11.0-9.12.2
M Stack-based Buffer Overflow	<1.11.0-9.12.2
M CVE-2018-15746	<1.11.0-9.12.2
M Out-of-bounds Read	<1.11.0-9.17.1
H Out-of-bounds Read	<1.11.0-9.20.1
H Out-of-bounds Write	<1.11.0-9.20.1
M Use After Free	<1.11.0-9.20.1
L Race Condition	<1.11.0-9.20.1
M Time-of-check Time-of-use (TOCTOU)	<1.11.0-9.20.1
L Use of Uninitialized Resource	<1.11.0-9.25.1
L Exposure of Resource to Wrong Sphere	<1.11.0-9.25.1
M Out-of-Bounds	<1.11.0-9.25.1
M Out-of-Bounds	<1.11.0-9.25.1
M CVE-2019-11091	<1.11.0-9.25.1
M Information Exposure	<1.11.0-9.25.1
M Information Exposure	<1.11.0-9.25.1
M Information Exposure	<1.11.0-9.25.1
H Improper Handling of Exceptional Conditions	<1.11.0-9.28.3
M CVE-2019-13164	<1.11.0-9.28.3
L NULL Pointer Dereference	<1.11.0-9.28.3
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1.11.0-9.33.1
M CVE-2019-11135	<1.11.0-9.33.1
L Missing Release of Resource after Effective Lifetime	<1.11.0-9.33.1
M Improper Input Validation	<1.11.0-9.33.1
M Buffer Overflow	<1.11.0-9.36.1
M Out-of-bounds Write	<1.11.0-9.36.1
H Use After Free	<1.11.0-9.36.1
H Out-of-bounds Write	<1.11.0-9.36.1
H Out-of-bounds Write	<1.11.0-9.36.1
M Memory Leak	<1.11.0-9.36.1
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1.11.0_0_g63451fc-9.43.1
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1.11.0_0_g63451fc-9.43.1
M Out-of-bounds Read	<1.11.0_0_g63451fc-9.43.1
L Integer Overflow or Wraparound	<1.11.0_0_g63451fc-9.43.1
H Race Condition	<1.11.0_0_g63451fc-9.43.1
L Out-of-bounds Read	<1.11.0_0_g63451fc-9.43.1
M Out-of-bounds Read	<1.11.0_0_g63451fc-9.43.1
L Out-of-bounds Read	<1.11.0_0_g63451fc-9.43.1
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1.11.0_0_g63451fc-9.43.1
M Reachable Assertion	<1.11.0_0_g63451fc-9.43.1
L Reachable Assertion	<1.11.0_0_g63451fc-9.43.1
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1.11.0_0_g63451fc-9.43.1
M Out-of-bounds Read	<1.11.0_0_g63451fc-9.43.1
M Use After Free	<1.11.0_0_g63451fc-9.43.1
L Reachable Assertion	<1.11.0_0_g63451fc-9.43.1
H Out-of-bounds Write	<1.11.0_0_g63451fc-9.43.1
M NULL Pointer Dereference	<1.11.0_0_g63451fc-9.43.1
M Out-of-bounds Read	<1.11.0_0_g63451fc-9.43.1
H Out-of-bounds Write	<1.11.0_0_g63451fc-9.43.1
M NULL Pointer Dereference	<1.11.0_0_g63451fc-9.43.1
L Out-of-bounds Read	<1.11.0_0_g63451fc-9.43.1
L Out-of-bounds Write	<1.11.0_0_g63451fc-9.43.1
M Integer Overflow or Wraparound	<1.11.0_0_g63451fc-9.43.1
M Out-of-bounds Read	<1.11.0_0_g63451fc-9.43.1
M CVE-2021-3419	<1.11.0_0_g63451fc-9.46.1
L Loop with Unreachable Exit Condition ('Infinite Loop')	<1.11.0_0_g63451fc-9.46.1
M Buffer Overflow	<1.11.0_0_g63451fc-9.46.1
M Out-of-bounds Read	<1.11.0_0_g63451fc-9.46.1
L Out-of-bounds Read	<1.11.0_0_g63451fc-9.46.1
L Reachable Assertion	<1.11.0_0_g63451fc-9.46.1
M CVE-2020-25707	<1.11.0_0_g63451fc-9.46.1
M Out-of-bounds Read	<1.11.0_0_g63451fc-9.46.1
L Out-of-Bounds	<1.11.0_0_g63451fc-9.46.1
M Out-of-bounds Read	<1.11.0_0_g63451fc-9.46.1
M Use After Free	<1.11.0_0_g63451fc-9.46.1
M Out-of-Bounds	<1.11.0_0_g63451fc-9.49.1
L Access of Uninitialized Pointer	<1.11.0_0_g63451fc-9.49.1
L Access of Uninitialized Pointer	<1.11.0_0_g63451fc-9.49.1
L Access of Uninitialized Pointer	<1.11.0_0_g63451fc-9.49.1
L Access of Uninitialized Pointer	<1.11.0_0_g63451fc-9.49.1
M Use After Free	<1.11.0_0_g63451fc-70.59.1
H Out-of-bounds Write	<1.11.0_0_g63451fc-70.59.1
M Release of Invalid Pointer or Reference	<1.11.0_0_g63451fc-70.59.1
L Allocation of Resources Without Limits or Throttling	<1.11.0_0_g63451fc-70.59.1
L Uncontrolled Recursion	<1.11.0_0_g63451fc-70.59.1
M Use After Free	<1.11.0_0_g63451fc-70.59.1
M NULL Pointer Dereference	<1.11.0_0_g63451fc-70.59.1
M NULL Pointer Dereference	<1.11.0_0_g63451fc-70.59.1
M NULL Pointer Dereference	<1.11.0_0_g63451fc-70.59.1

Vulnerability

Vulnerable Version

Information Exposure

<1.11.0-9.4.1

Out-of-bounds Read

<1.11.0-9.4.1

Out-of-bounds Write

<1.11.0-9.4.1

Integer Overflow or Wraparound

<1.11.0-9.9.1

Integer Overflow or Wraparound

<1.11.0-9.12.2