Msrc Cm1 Qemu-Kvm 4.2.0-33 On Cbl Mariner 1.0 vulnerabilities

4 known vulnerabilities affecting msrc/cm1_qemu-kvm_4.2.0-33_on_cbl_mariner_1.0.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2020-27661MEDIUMCVSS 6.52021-06-08
CVE-2020-27661 [MEDIUM] CWE-369 A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on th A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service. FAQ: Is Azure Linux the o
msrc
CVE-2021-20181HIGHCVSS 7.52021-05-11
CVE-2021-20181 [HIGH] CWE-362 A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error potentially escalating their A race condition flaw was found in the 9pfs server implementation of QEMU up to and including 5.2.0. This flaw allows a malicious 9p client to cause a use-after-free error potentially escalating their privileges on the system. The highest threat from this vulnerability
msrc
CVE-2021-20221MEDIUMCVSS 6.02021-05-11
CVE-2021-20221 [MEDIUM] CWE-125 An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing a An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area it is not masked to be
msrc
CVE-2021-3527MEDIUMCVSS 5.52021-05-11
CVE-2021-3527 [MEDIUM] CWE-770 A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single large transfer request to reduce the overhead and improve performance. The combined size A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single large transfer request to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable len
msrc