Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-5667

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-16 Mar, 2017 | 15:00
Updated At-05 Aug, 2024 | 15:11
Rejected At-
Credits

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:16 Mar, 2017 | 15:00
Updated At:05 Aug, 2024 | 15:11
Rejected At:
▼CVE Numbering Authority (CNA)

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
mailing-list
x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2017/01/30/2
mailing-list
x_refsource_MLIST
https://security.gentoo.org/glsa/201702-28
vendor-advisory
x_refsource_GENTOO
http://www.securityfocus.com/bid/95885
vdb-entry
x_refsource_BID
http://www.openwall.com/lists/oss-security/2017/02/12/1
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1417559
x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2017/01/31/10
mailing-list
x_refsource_MLIST
http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
x_refsource_CONFIRM
Hyperlink: https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.openwall.com/lists/oss-security/2017/01/30/2
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://security.gentoo.org/glsa/201702-28
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.securityfocus.com/bid/95885
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.openwall.com/lists/oss-security/2017/02/12/1
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1417559
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.openwall.com/lists/oss-security/2017/01/31/10
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
mailing-list
x_refsource_MLIST
x_transferred
http://www.openwall.com/lists/oss-security/2017/01/30/2
mailing-list
x_refsource_MLIST
x_transferred
https://security.gentoo.org/glsa/201702-28
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.securityfocus.com/bid/95885
vdb-entry
x_refsource_BID
x_transferred
http://www.openwall.com/lists/oss-security/2017/02/12/1
mailing-list
x_refsource_MLIST
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1417559
x_refsource_CONFIRM
x_transferred
http://www.openwall.com/lists/oss-security/2017/01/31/10
mailing-list
x_refsource_MLIST
x_transferred
http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
x_refsource_CONFIRM
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2017/01/30/2
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201702-28
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.securityfocus.com/bid/95885
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2017/02/12/1
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1417559
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2017/01/31/10
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:16 Mar, 2017 | 15:59
Updated At:20 Apr, 2025 | 01:37

The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds heap access and crash) or execute arbitrary code on the QEMU host via vectors involving the data transfer length.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
QEMU
qemu
>>qemu>>Versions up to 2.8.1.1(inclusive)
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9secalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2017/01/30/2secalert@redhat.com
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/01/31/10secalert@redhat.com
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/12/1secalert@redhat.com
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/95885secalert@redhat.com
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1417559secalert@redhat.com
Issue Tracking
Patch
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.htmlsecalert@redhat.com
Third Party Advisory
https://security.gentoo.org/glsa/201702-28secalert@redhat.com
Third Party Advisory
http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2017/01/30/2af854a3a-2127-422b-91ae-364da2661108
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/01/31/10af854a3a-2127-422b-91ae-364da2661108
Mailing List
Patch
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/02/12/1af854a3a-2127-422b-91ae-364da2661108
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/95885af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1417559af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Patch
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://security.gentoo.org/glsa/201702-28af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2017/01/30/2
Source: secalert@redhat.com
Resource:
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2017/01/31/10
Source: secalert@redhat.com
Resource:
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2017/02/12/1
Source: secalert@redhat.com
Resource:
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/95885
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1417559
Source: secalert@redhat.com
Resource:
Issue Tracking
Patch
Hyperlink: https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201702-28
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2017/01/30/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2017/01/31/10
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2017/02/12/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/95885
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1417559
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Patch
Hyperlink: https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201702-28
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1030Records found
CVE-2020-24352
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.14% / 34.27%
||
7 Day CHG~0.00%
Published-16 Oct, 2020 | 05:05
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-13672
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.56% / 67.43%
||
7 Day CHG~0.00%
Published-01 Sep, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-11434
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.79%
||
7 Day CHG~0.00%
Published-25 Jul, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dhcp_decode function in slirp/bootp.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) via a crafted DHCP options string.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-11334
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.08% / 23.98%
||
7 Day CHG~0.00%
Published-02 Aug, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds access and guest instance crash) by leveraging use of qemu_map_ram_ptr to access guest ram block area.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-4144
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 0.75%
||
7 Day CHG~0.00%
Published-29 Nov, 2022 | 00:00
Updated-14 Apr, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.

Action-Not Available
Vendor-n/aQEMURed Hat, Inc.Fedora Project
Product-enterprise_linuxqemuextra_packages_for_enterprise_linuxfedoraQEMU (QXL device)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10028
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.83%
||
7 Day CHG~0.00%
Published-27 Feb, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a VIRTIO_GPU_CMD_GET_CAPSET command with a maximum capabilities size with a value of 0.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10029
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.87%
||
7 Day CHG~0.00%
Published-27 Feb, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process crash) via a scanout id in a VIRTIO_GPU_CMD_SET_SCANOUT command larger than num_scanouts.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-43389
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 0.42%
||
7 Day CHG~0.00%
Published-04 Nov, 2021 | 18:39
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.Debian GNU/LinuxOracle Corporation
Product-debian_linuxlinux_kernelenterprise_linuxcommunications_cloud_native_core_network_exposure_functioncommunications_cloud_native_core_binding_support_functioncommunications_cloud_native_core_policyn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-14314
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.48%
||
7 Day CHG~0.00%
Published-15 Sep, 2020 | 00:00
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-starwindsoftwareLinux KernelLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelstarwind_virtual_sankernel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-13791
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 39.02%
||
7 Day CHG~0.00%
Published-04 Jun, 2020 | 15:24
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-13253
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.65%
||
7 Day CHG~0.00%
Published-27 May, 2020 | 14:09
Updated-04 Aug, 2024 | 12:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.

Action-Not Available
Vendor-n/aQEMUCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-13362
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-3.2||LOW
EPSS-0.10% / 28.94%
||
7 Day CHG~0.00%
Published-28 May, 2020 | 14:35
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.

Action-Not Available
Vendor-n/aopenSUSEQEMUCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxqemuleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-20221
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6||MEDIUM
EPSS-0.01% / 1.77%
||
7 Day CHG~0.00%
Published-13 May, 2021 | 15:34
Updated-03 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds heap buffer access issue was found in the ARM Generic Interrupt Controller emulator of QEMU up to and including qemu 4.2.0on aarch64 platform. The issue occurs because while writing an interrupt ID to the controller memory area, it is not masked to be 4 bits wide. It may lead to the said issue while updating controller state fields and their subsequent processing. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Action-Not Available
Vendor-n/aQEMUDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxqemuenterprise_linuxqemu
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-42755
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.01% / 0.29%
||
7 Day CHG-0.00%
Published-05 Oct, 2023 | 18:25
Updated-23 Jul, 2025 | 18:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: rsvp: out-of-bounds read in rsvp_classify()

A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.Linux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxlinux_kernelenterprise_linuxRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 8Red Hat Enterprise Linux 9
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-20124
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 38.11%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 22:00
Updated-05 Aug, 2024 | 11:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.

Action-Not Available
Vendor-n/aQEMUCanonical Ltd.
Product-ubuntu_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2015-8817
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.98%
||
7 Day CHG~0.00%
Published-29 Dec, 2016 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. Affects QEMU versions >= 1.6.0 and <= 2.3.1. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-6501
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 32.67%
||
7 Day CHG~0.00%
Published-17 Mar, 2019 | 16:51
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.

Action-Not Available
Vendor-n/aQEMUFedora Project
Product-qemufedoran/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-20808
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 11.82%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 00:26
Updated-05 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the ati_cursor_define() routine while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.

Action-Not Available
Vendor-n/aQEMU
Product-qemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-19221
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.58%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 00:00
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxCanonical Ltd.libarchive
Product-ubuntu_linuxdebian_linuxlibarchivefedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-8754
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.17%
||
7 Day CHG~0.00%
Published-18 Mar, 2018 | 03:00
Updated-05 Aug, 2024 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. NOTE: the vendor has disputed this as described in libyal/libevt issue 5 on GitHub

Action-Not Available
Vendor-libevt_projectn/aDebian GNU/Linux
Product-debian_linuxlibevtn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-7858
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.99%
||
7 Day CHG~0.00%
Published-12 Mar, 2018 | 21:00
Updated-05 Aug, 2024 | 06:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.

Action-Not Available
Vendor-n/aopenSUSEQEMUCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationqemuenterprise_linux_server_tusenterprise_linux_desktopleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5683
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6||MEDIUM
EPSS-0.09% / 26.65%
||
7 Day CHG~0.00%
Published-23 Jan, 2018 | 18:00
Updated-05 Aug, 2024 | 05:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.

Action-Not Available
Vendor-n/aQEMUCanonical Ltd.Debian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationqemuenterprise_linux_server_tusenterprise_linux_desktopn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-18954
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.26%
||
7 Day CHG~0.00%
Published-15 Nov, 2018 | 20:00
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pnv_lpc_do_eccb function in hw/ppc/pnv_lpc.c in Qemu before 3.1 allows out-of-bounds write or read access to PowerNV memory.

Action-Not Available
Vendor-n/aopenSUSEQEMUCanonical Ltd.
Product-ubuntu_linuxqemuleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-18849
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 23.07%
||
7 Day CHG+0.02%
Published-17 Mar, 2019 | 19:56
Updated-05 Aug, 2024 | 11:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.

Action-Not Available
Vendor-n/aopenSUSEQEMUCanonical Ltd.Fedora Project
Product-ubuntu_linuxqemufedoraleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-7718
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 32.80%
||
7 Day CHG~0.00%
Published-20 Apr, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18030
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.4||MEDIUM
EPSS-0.11% / 29.52%
||
7 Day CHG~0.00%
Published-23 Jan, 2018 | 18:00
Updated-05 Aug, 2024 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds array access and QEMU process crash) via vectors related to negative pitch.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2011-1490
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 36.60%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 01:37
Updated-06 Aug, 2024 | 22:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset

Action-Not Available
Vendor-rsyslogrsyslogDebian GNU/LinuxopenSUSE
Product-opensusersyslogdebian_linuxrsyslog
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2023-3019
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6||MEDIUM
EPSS-0.01% / 0.75%
||
7 Day CHG~0.00%
Published-24 Jul, 2023 | 15:19
Updated-04 Aug, 2025 | 07:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest()

A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.

Action-Not Available
Vendor-Red Hat, Inc.QEMU
Product-qemuenterprise_linuxRed Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9Red Hat Enterprise Linux 8 Advanced VirtualizationRed Hat Enterprise Linux 8.8 Extended Update SupportRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.6 Extended Update Support
CWE ID-CWE-416
Use After Free
CVE-2011-1489
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 36.60%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 01:25
Updated-06 Aug, 2024 | 22:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.

Action-Not Available
Vendor-rsyslogrsyslogDebian GNU/LinuxopenSUSE
Product-opensusersyslogdebian_linuxrsyslog
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2022-23034
Matching Score-8
Assigner-Xen Project
ShareView Details
Matching Score-8
Assigner-Xen Project
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 32.11%
||
7 Day CHG~0.00%
Published-25 Jan, 2022 | 13:43
Updated-03 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check.

Action-Not Available
Vendor-Debian GNU/LinuxFedora ProjectXen Project
Product-xendebian_linuxfedoraxen
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2018-12207
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 59.38%
||
7 Day CHG~0.00%
Published-14 Nov, 2019 | 19:08
Updated-05 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.

Action-Not Available
Vendor-n/aopenSUSEOracle CorporationF5, Inc.Fedora ProjectDebian GNU/LinuxIntel CorporationRed Hat, Inc.Canonical Ltd.
Product-xeon_3040xeon_l7555_firmwarexeon_e7-8893_v3xeon_e7420_firmwarexeon_e5-1620_v2_firmwarexeon_e3-1558l_v5xeon_5140_firmwarexeon_e5-2608l_v4_firmwarexeon_e5-2660_v3xeon_e5-2450_v2core_i5-1035g7xeon_e7450core_i3-8350k_firmwarecore_i3-9350k_firmwarexeon_e5-2697_v4xeon_d-1527xeon_e5472xeon_x5492_firmwarexeon_x3370_firmwarexeon_w-2125xeon_e7-8890_v3_firmwarexeon_gold_5217_firmwarexeon_e6510xeon_e3-1220_v5_firmwarexeon_e7-8880_v4xeon_e5-2620_v2_firmwarexeon_d-2163it_firmwareceleron_g1610t_firmwarexeon_l7345core_i7-9700xeon_gold_6240_firmwarexeon_gold_6234xeon_e3-1280_v5pentium_gold_g5400txeon_lc5518_firmwarecore_i5-1035g4core_i9-9920x_x-seriesxeon_d-1518xeon_w-2255xeon_e5-1680_v3_firmwarexeon_e5462xeon_e3-1285l_v4_firmwarecore_i5-9600t_firmwarecore_i7-6567u_firmwarexeon_x3380_firmwarexeon_e7-4830_v3_firmwarexeon_gold_6248_firmwareenterprise_linux_servercore_i9-7920xxeon_e5-2683_v4xeon_e5-2608l_v4xeon_e5-1660_v3_firmwarexeon_e-2224xeon_l3110_firmwarexeon_gold_5218celeron_g1830core_i9-7940x_firmwarexeon_d-1567xeon_x5680_firmwarecore_i5-8269u_firmwarecore_i5-6287u_firmwarexeon_e5420xeon_d-2173it_firmwarecore_i5-5350h_firmwarexeon_w-2245xeon_e5-2699_v3xeon_x7350_firmwarexeon_e5620_firmwarecore_i5-8700bxeon_l5215xeon_e3-1240_v5_firmwarecore_i5-5250uxeon_e5-4640_v2xeon_x5472_firmwarecore_i7-10710u_firmwarecore_i7-7820hkxeon_e5-4657l_v2xeon_l3426_firmwarecore_i7-5850hqxeon_e7-8870_v4_firmwarexeon_e3-1558l_v5_firmwarexeon_e7-8895_v2_firmwarexeon_e5-2609_v2_firmwarexeon_gold_6240core_i7-6970hqxeon_7150nceleron_g1820te_firmwarexeon_e5-2450l_v2_firmwarecore_i5-9400_firmwarexeon_e7-8893_v4_firmwarexeon_d-2177nt_firmwarecore_i7-8500y_firmwarexeon_e7-4860_v2_firmwarexeon_e5-2667_v4_firmwareceleron_g4930e_firmwarexeon_gold_5218t_xeon_e7-8893_v2xeon_gold_5220s_firmwarexeon_e5520xeon_d-1539core_m3-6y30celeron_g4900txeon_5063_firmwarexeon_e5530_firmwarexeon_w3565core_m-5y31_firmwarexeon_e3-1275_v5_firmwarexeon_x5672xeon_e3-1535m_v5xeon_x5570_firmwareceleron_g3900te_firmwarexeon_l5530_firmwarexeon_e5603xeon_e7-4809_v3xeon_gold_6230_firmwarexeon_d-2146ntceleron_g4932exeon_e5-2609_v2xeon_e3-1268l_v5xeon_7130mxeon_e3110xeon_e7-4820_v3_firmwarexeon_x3210_firmwarexeon_w-2223_firmwarexeon_e3-1260l_v5_firmwarecore_i7-8750hcore_i7-5700hq_firmwarexeon_l5630xeon_e5607_firmwarecore_i3-7100u_firmwarexeon_e5-4669_v4_firmwarexeon_x3220xeon_e5-2680_v2xeon_d-2166ntxeon_e3-1270_v6xeon_e3-1505m_v5xeon_silver_4216xeon_gold_6230xeon_e5-2403_v2_firmwarexeon_w-2195xeon_e5630_firmwareopenshift_container_platformxeon_e5-2628l_v4xeon_e7540_firmwarexeon_e-2276gcore_i5-7267u_firmwarecore_i7-5557u_firmwarexeon_d-2183itxeon_l7455_firmwarecore_i3-5020uxeon_e5-2687w_v2core_i3-7100core_i7-8809gxeon_e5-4667_v3xeon_lc3518_firmwarexeon_e7-4809_v2_firmwarecore_i5-5257ucore_m-5y70xeon_x5677xeon_e3-1230_v6_firmwarecore_i5-7267ucore_i5\+8500xeon_e5220xeon_silver_4208core_m-5y10a_firmwarexeon_e3-1585_v5xeon_l5618_firmwarexeon_e5-2667_v2_firmwarecore_i7-6560uxeon_w-2123core_i5-9400txeon_gold_5220sxeon_platinum_8280m_firmwarecore_i7-5550u_firmwarexeon_platinum_9282core_i5-8300hxeon_x3370xeon_e3-1220_v6_firmwarexeon_e5-2683_v3core_i3-10110yxeon_e5-2637_v2_firmwarexeon_platinum_9242_firmwarexeon_e3-1535m_v6_firmwarexeon_7041xeon_silver_4210xeon_platinum_8256_firmwarexeon_e5649_firmwarexeon_e5420_firmwarexeon_l5240big-ip_application_acceleration_managerxeon_e5-2618l_v4_firmwarepentium_gold_g5500txeon_e5-2650_v3_firmwarexeon_e3-1240l_v5_firmwarexeon_7150n_firmwarexeon_e5-2660_v3_firmwarexeon_platinum_8276mxeon_x3470_firmwarexeon_gold_6238mceleron_g4920xeon_e-2274gcore_i3-6167uxeon_l3360_firmwarecore_i5-9500xeon_d-1540xeon_x3470xeon_e5-1650_v2xeon_e5-2698_v4xeon_e3-1245_v5_firmwarexeon_d-1528core_i7-6500ucore_i7-6500u_firmwarexeon_x3320_firmwareceleron_g3902exeon_e5-4620_v2_firmwarexeon_e3-1280_v6_firmwarexeon_x5260xeon_gold_6230t_firmwarexeon_e5-2620_v3_firmwarexeon_e5-2660_v4xeon_lv_5128_firmwaredebian_linuxxeon_l7345_firmwarecore_i3-7100h_firmwarecore_i5-8300h_firmwarexeon_silver_4208_firmwarexeon_platinum_8268xeon_e5-2650_v4_firmwarexeon_e-2136_firmwarexeon_e3-1235l_v5_firmwarexeon_e5-2690_v2_firmwarexeon_e5-1660_v2xeon_ec5539core_i7-8565uxeon_e7450_firmwarexeon_x5675xeon_e5-2630_v4_firmwarexeon_e5-2687w_v4core_i9-9980xe_firmwarexeon_l5609_firmwarexeon_e-2274g_firmwarexeon_e7340xeon_e5502_firmwarecore_i5-7300hqcore_i7-7560uxeon_e5-2695_v2_firmwarexeon_e3-1271_v3xeon_gold_6240mxeon_e5-4667_v3_firmwarepentium_gold_g5420txeon_3040_firmwarexeon_e3-1220l_v3_firmwarexeon_x3330core_i5-6200u_firmwarecore_i3-8100t_firmwarecore_i5-8259uxeon_e5-2699a_v4_firmwarexeon_d-1529xeon_e3-1265l_v3xeon_x3230core_i9-9900x_x-series_firmwarepentium_gold_g5500xeon_w-3265m_firmwarexeon_e5-4660_v4_firmwarecore_i7-5850hq_firmwarexeon_5040_firmwarexeon_e7-4809_v4xeon_x5690_firmwarecore_i9-7900x_firmwarecore_i7-9850h_firmwarexeon_e5335_firmwarecore_i5-6350hqxeon_e5-2630l_v4_firmwarexeon_gold_5218_firmwarexeon_l7455core_i5-7600tceleron_g1630_firmwareenterprise_linux_server_tusxeon_e5-2618l_v4xeon_l5520_firmwarecore_i5-6350hq_firmwarexeon_e-2224gxeon_5070xeon_w-2135xeon_l3014xeon_l5618xeon_e3-1231_v3_firmwarexeon_x3430_firmwarexeon_l5420_firmwarecore_i5-9300hxeon_w3565_firmwarecore_i3-7167u_firmwarecore_i7-8559u_firmwarexeon_gold_5220t_firmwarecore_i7-8086k_firmwarexeon_gold_5220_firmwarecore_i5-1035g1_firmwareceleron_g1620xeon_w5590core_i5-9400hcore_i7-8500yleapxeon_x5270xeon_e5-4640_v3_firmwarexeon_x5675_firmwarexeon_e5-2680_v4_firmwarecore_i7-5557uxeon_gold_6240m_firmwarexeon_e7530xeon_e5-1630_v4_firmwarexeon_e7-8890_v2xeon_lc5528xeon_x5560xeon_e5-4603_v2_firmwarexeon_e5-2640_v2_firmwarecore_i7-7820hqxeon_e5-2620_v3core_i5-6260u_firmwarexeon_w3690xeon_7041_firmwarexeon_l5640xeon_5063core_i3-8300t_firmwarecore_i3-8109u_firmwarecore_i5-7400_firmwarexeon_gold_6254_firmwarexeon_e3-1275_v5core_i7-9700k_firmwarexeon_x5355core_i9-10980xe_firmwarexeon_e3-1240_v5xeon_e-2288g_firmwarexeon_e5-2430_v2_firmwarexeon_5060_firmwarexeon_e5-2450_v2_firmwarexeon_e5-2440_v2_firmwarexeon_e3-1230l_v3xeon_l7445_firmwarexeon_e5-2650_v3xeon_e5-2660_v2_firmwarexeon_e7430xeon_x7560core_i7-6567uxeon_e5-1650_v4_firmwarexeon_x5365core_i7-5775cxeon_e5-2683_v3_firmwarexeon_5070_firmwarexeon_lv_5133_firmwarecore_i9-7900xxeon_e7-8880_v4_firmwareceleron_g3930_firmwarecore_i7-6870hq_firmwarecore_i9-10900x_x-series_firmwarexeon_w-3223xeon_d-1539_firmwarexeon_7130nxeon_d-1559xeon_7130m_firmwarexeon_x5650xeon_w-2235_firmwareceleron_g1610tcore_i5-8265ucore_i5-6300hqxeon_x5670xeon_e5-2648l_v4_firmwarecore_i3-5157u_firmwarepentium_gold_g5400t_firmwarepentium_gold_4410y_firmwarexeon_3070_firmwarexeon_e-2286g_firmwarexeon_d-2183it_firmwarexeon_e3-1220_v3core_i3-5005u_firmwareceleron_g3920_firmwarexeon_e5-4627_v3xeon_e7-4850_v4core_i3-8350kxeon_7110ncore_i5-7500txeon_e3-1505m_v6core_i3-9100core_i5-9600k_firmwarexeon_e7-4880_v2_firmwarexeon_platinum_9282_firmwarexeon_5110_firmwarexeon_e-2224g_firmwarexeon_l5238pentium_gold_g5600xeon_lv_5148_firmwarexeon_e3120xeon_platinum_8276lceleron_g4950_firmwarecore_i7-7700kcore_i7-8705gxeon_e7-4860_v2xeon_l5408_firmwarexeon_platinum_9222big-ip_policy_enforcement_managerxeon_gold_6230tcore_i7-7660uxeon_d-1627_firmwarecore_i3-6100u_firmwarecore_i7-8706gxeon_w-3225xeon_w3550_firmwarexeon_e5-2630_v2_firmwarexeon_e3-1565l_v5xeon_x5470xeon_e5-4610_v2_firmwarepentium_gold_4415u_firmwarexeon_e5-2643_v2_firmwarexeon_e3-1240_v6core_i5-8259u_firmwarexeon_w-2155_firmwarexeon_e7-4850_v3_firmwarecore_i7-8705g_firmwarecore_i3-7100tcore_i7-7700txeon_e7-2850_v2_firmwarexeon_w-3225_firmwarexeon_e5-1630_v4xeon_e5-4660_v3xeon_w-2295core_i9-9900x_x-seriescore_i5-10210ucore_i5-7260u_firmwarecore_i5-7600k_firmwarexeon_e5-2697_v3_firmwarecore_i7-6770hqxeon_e5-2407_v2core_m-5y10axeon_e3-1270_v6_firmwarexeon_gold_5215mcore_i5-7200u_firmwarecore_i7-10510u_firmwarexeon_gold_5215xeon_e5-2667_v3xeon_e7-4820_v3xeon_e5-2650_v2xeon_e-2226g_firmwarexeon_d-2143itxeon_l5238_firmwareceleron_g1610_firmwarexeon_e5405xeon_e5-2699_v4xeon_gold_6244_firmwarexeon_7140n_firmwarexeon_d-2161i_firmwarexeon_e3-1225_v6xeon_e3-1220l_v3core_i7\+8700_firmwarexeon_e5-2699_v3_firmwarexeon_e-2144g_firmwarexeon_e5-2650l_v2_firmwarexeon_e5-2643_v4_firmwarexeon_e3-1225_v5_firmwarexeon_e3-1240l_v5xeon_e5-2690_v3celeron_g1620t_firmwareceleron_g1820_firmwarecore_i3-10110uxeon_e5-1630_v3xeon_w3520xeon_e7530_firmwarecore_i9-10940x_x-series_firmwarexeon_e7310xeon_x5680xeon_e7440xeon_e5-4650_v2_firmwarexeon_x5450_firmwarexeon_e5-2680_v3core_i5-5287u_firmwarexeon_e5-2697_v4_firmwarexeon_platinum_8280mcore_i9-7980xexeon_gold_6240l_firmwarexeon_e5-4655_v3_firmwarexeon_d-2123it_firmwareceleron_g4900t_firmwarexeon_e5502xeon_x5670_firmwarecore_i7-6870hqpentium_gold_4415yxeon_x3480xeon_gold_6238lxeon_e5-2637_v3xeon_e5-2699_v4_firmwarexeon_l5430_firmwarexeon_e7-8890_v2_firmwarecore_i9-10920x_x-seriesxeon_w3670core_i3-1005g1_firmwarexeon_e7-8880l_v3_firmwarebig-ip_advanced_firewall_managerxeon_w-3265mxeon_e5620xeon_e5645core_i5-7500xeon_d-1627xeon_l5518xeon_platinum_8260y_firmwarexeon_x3460xeon_d-1602xeon_x5270_firmwarecore_i5\+8400_firmwarexeon_e3-1270_v5_firmwarexeon_e7-8890_v4core_i5-7200uxeon_e7310_firmwarecore_i5-8350u_firmwareceleron_g1820tceleron_g3930exeon_e5-4607_v2_firmwarexeon_gold_6240y_firmwarexeon_e5-2630l_v3_firmwarexeon_e3-1535m_v5_firmwarexeon_e5-2690_v4xeon_x3230_firmwarexeon_e7-8891_v2pentium_gold_g5600_firmwarexeon_e7-4850_v2xeon_e5-2658_v4_firmwarexeon_e3-1545m_v5xeon_w3680_firmwarecore_i3-9300_firmwarecore_i5-8400txeon_e5430_firmwarexeon_d-2145nt_firmwarepentium_gold_g5600tcore_i3-5015uceleron_g3930tcore_i9-9960x_x-series_firmwarexeon_e7340_firmwarexeon_e7-4870_v2xeon_l5506_firmwarexeon_d-1541_firmwarecore_i7-5775c_firmwarecore_i7-5500uceleron_g4920_firmwarexeon_e3-1260l_v5xeon_l5310_firmwarexeon_e5240_firmwarexeon_d-1623n_firmwarexeon_l5508_firmwarecore_i3-7100hxeon_l5215_firmwarexeon_d-1548_firmwarexeon_3070xeon_e5-2690_v3_firmwarexeon_d-1559_firmwarepentium_gold_g5400_firmwarexeon_x3320xeon_e7-4809_v4_firmwarecore_i5-8200y_firmwarecore_i7-8550u_firmwarecore_i5-6287ucore_i5-1035g7_firmwarexeon_e5-2697a_v4_firmwarexeon_e5450xeon_e5-4650_v3xeon_d-1540_firmwarexeon_platinum_8260mxeon_silver_4214y_firmwarecore_i5-9400xeon_w3680core_i3-8100txeon_e5-1650_v3_firmwarexeon_platinum_8260xeon_e7210big-ip_global_traffic_managerxeon_bronze_3204_firmwarecore_i7-5550uxeon_d-2142it_firmwarexeon_e5-2470_v2core_i5-7500t_firmwarecore_i7-6820hk_firmwarexeon_e3-1280_v5_firmwarexeon_e5-2420_v2celeron_g4930t_firmwarecore_i7-8650uxeon_bronze_3204xeon_e5-4627_v3_firmwarexeon_e5-2430_v2core_m3-7y30_firmwarexeon_e5504_firmwarexeon_e7-8870_v2_firmwarecore_i7-9750h_firmwarecore_i3-6167u_firmwarecore_i3-6100uxeon_w3670_firmwarexeon_gold_5217xeon_e5-2687w_v4_firmwarepentium_gold_4415uxeon_e7330_firmwarexeon_w5580_firmwarexeon_e-2234_firmwarexeon_w5590_firmwarexeon_e3120_firmwarexeon_x5365_firmwarexeon_gold_5222_firmwarexeon_w-3245xeon_e7-4820_v4_firmwareceleron_g1850_firmwarecore_i3-10110y_firmwarecore_i5-1035g4_firmwarecore_i5-8500bxeon_x5650_firmwarexeon_d-1523ncore_i5-8269uxeon_x3440xeon_e5-4660_v3_firmwarecore_i5-6300hq_firmwarexeon_e-2288gxeon_d-1653ncore_m-5y10_firmwarecore_i7-8709g_firmwarexeon_e5-4650_v2xeon_e5-4669_v4xeon_e7220_firmwarexeon_d-1543n_firmwareceleron_g3900txeon_w-2195_firmwarexeon_w3570enterprise_managerxeon_5040xeon_l7545xeon_x5472xeon_gold_6252n_firmwarexeon_5140core_i5-10210y_firmwarexeon_e5-1650_v3xeon_e5-2630_v2core_m-5y51_firmwarecore_i3-7350kxeon_w-2265_firmwarexeon_e3-1276_v3_firmwarexeon_e7-8891_v3core_i5-8250uxeon_e5440xeon_d-1571_firmwarecore_i7-9700txeon_gold_6252nxeon_7110m_firmwarexeon_l5506xeon_gold_6244xeon_e5-2695_v3xeon_x5690core_i7-8650u_firmwarexeon_w-3245_firmwarexeon_l5318xeon_gold_6226_firmwarecore_i3-5157uxeon_5130_firmwarecore_i5-6200ucore_i7-7700k_firmwarecore_i7-6700hq_firmwarexeon_x5460_firmwarexeon_3050_firmwarexeon_w-2135_firmwarecore_i9-9940x_x-seriescore_m-5y10c_firmwareceleron_g3902e_firmwarexeon_e5-2603_v2_firmwarexeon_e5-1660_v3xeon_d-1520core_i7-6970hq_firmwarexeon_platinum_8256xeon_gold_6238l_firmwarexeon_e5-2623_v3xeon_e7-4830_v4_firmwarexeon_e5-2680_v2_firmwarexeon_e7-2890_v2xeon_x5647_firmwarexeon_d-1520_firmwarexeon_w-2125_firmwarexeon_e3-1268l_v5_firmwarexeon_w-2175_firmwarexeon_e5507xeon_e3-1241_v3_firmwarexeon_7110n_firmwarexeon_e3-1275_v6xeon_d-1531xeon_x5550core_i3-9300txeon_gold_6262v_firmwarexeon_e-2278gxeon_5120_firmwarexeon_platinum_8260yxeon_platinum_8260m_firmwarexeon_e7-8867_v3xeon_x3350_firmwarexeon_e7-8880_v2_firmwarexeon_e5-2450l_v2core_i9-9980xexeon_d-2142itcore_i5-8265u_firmwarexeon_e3-1281_v3_firmwarexeon_e3-1505m_v6_firmwarexeon_gold_5215m_firmwareceleron_g3930te_firmwarexeon_e3-1545m_v5_firmwarexeon_platinum_8276xeon_x3450_firmwarexeon_e3-1235l_v5core_i7\+8700core_i7-5700hqxeon_e5-1660_v4_firmwarexeon_e5-4628l_v4xeon_e5-4610a_v4xeon_e5-2630l_v2_firmwarecore_m3-7y30core_i3-9350kxeon_e5-2650l_v2xeon_e5-2680_v3_firmwarexeon_7120mxeon_platinum_8276m_firmwarexeon_x5672_firmwareceleron_g4950xeon_e3-1240l_v3_firmwarexeon_e7-4850_v2_firmwarecore_i7-7700t_firmwarexeon_w-3275_firmwarexeon_e7220xeon_e7-8890_v3xeon_x5660_firmwarexeon_e5-2623_v4_firmwarecore_i5-8200ycore_i9-10900x_x-seriesceleron_g3900t_firmwarexeon_e3-1285_v4_firmwarexeon_w-2275xeon_e5-2697_v2_firmwarexeon_d-1543nxeon_d-1528_firmwarexeon_l5320_firmwareceleron_g4900_firmwarecore_i5-7440hqceleron_g1620txeon_e-2144gxeon_e3-1245_v6_firmwarexeon_d-1521xeon_d-2191_firmwarexeon_e5-2637_v3_firmwareceleron_g3900eceleron_g1820tecore_i7-7700_firmwareceleron_g3950_firmwarexeon_e5-4650_v4_firmwarexeon_e5630xeon_3060_firmwarebig-ip_analyticsxeon_7020core_i5-9600tcore_m-5y31xeon_w3540_firmwarecore_i3-9320core_i7-1065g7xeon_w3550core_i3-8130uxeon_x5450xeon_platinum_8276l_firmwarexeon_e5-2650l_v3xeon_lc5518xeon_5030xeon_e5-2687w_v2_firmwarexeon_e3-1230_v5enterprise_linux_server_eusxeon_e5-1630_v3_firmwareenterprise_linux_server_auscore_i3-9100_firmwarexeon_w-3245mxeon_lv_5113_firmwareceleron_g1620_firmwarexeon_e3-1226_v3_firmwarexeon_e5430xeon_e5205_firmwarexeon_e7-8880l_v2xeon_w3530_firmwarexeon_l5408xeon_e5-1680_v3xeon_e5-2670_v2pentium_gold_g5420xeon_e5606xeon_e-2124g_firmwarepentium_gold_g5420t_firmwarecore_i5-8305g_firmwarecore_i5-7500_firmwarecore_m-5y71_firmwarexeon_e5-2690_v2xeon_e5-4610_v3xeon_e7-8870_v3xeon_x7542pentium_gold_g5420_firmwarecore_i5-7y54xeon_e5-4650_v4xeon_e5-1660_v4xeon_e7-8891_v4xeon_d-1521_firmwarexeon_l5638_firmwarexeon_e5240xeon_e5-1620_v2xeon_e-2226gxeon_e3-1226_v3xeon_d-1557_firmwarexeon_x5687_firmwarecore_i7-5500u_firmwarecore_i3-8145uxeon_e7-4820_v2_firmwarexeon_e5-1620_v3_firmwarexeon_e7-4830_v2core_i5-9600_firmwarexeon_platinum_8268_firmwarexeon_gold_6262vcore_i3-8109uxeon_e5-2609_v4_firmwarexeon_e5-2640_v3xeon_e7-8880l_v3xeon_e5-1620_v4xeon_e6540_firmwarexeon_gold_6238m_firmwarecore_i3-7300xeon_d-1567_firmwarebig-ip_application_security_managerxeon_e5-2630l_v3xeon_e5-4640_v4xeon_e5-4655_v4_firmwarexeon_e-2134_firmwarexeon_silver_4210_firmwarexeon_d-2191xeon_x7460_firmwarecore_i5-8400bcore_i3-9300t_firmwarexeon_e5405_firmwarexeon_lv_5113core_i5-9500_firmwarecore_m-5y10cxeon_e5-4627_v4_firmwarepentium_gold_g5620xeon_platinum_8276_firmwarexeon_e7440_firmwarexeon_e7-8870_v4core_i5-8700b_firmwarexeon_7030xeon_e7540xeon_5060xeon_e3-1265l_v4xeon_ec5509_firmwarexeon_x5482celeron_g3930texeon_e-2136pentium_gold_6405u_firmwarecore_i7-10510ucore_i7-9700kxeon_d-1533n_firmwarecore_i3-8100xeon_w-2265xeon_gold_5215_firmwarexeon_e5335xeon_e5-2667_v4xeon_7130n_firmwarexeon_e5503_firmwarexeon_e3-1285l_v4xeon_w-2245_firmwarexeon_x5470_firmwarexeon_e7-8870_v2xeon_l5410_firmwarecore_i3-7300_firmwarexeon_e7330fedoraxeon_l3406_firmwarexeon_x3430xeon_lc3528core_i5-7287u_firmwarecore_i7-7700core_m-5y10xeon_e5-1680_v4core_i7-7820hq_firmwarexeon_5110core_i7-5950hq_firmwarexeon_e3-1575m_v5_firmwarecore_i7-7920hq_firmwarexeon_platinum_8280l_firmwarexeon_d-1577_firmwarexeon_e-2124_firmwarecore_i7-5750hq_firmwarexeon_e3-1240_v6_firmwarexeon_e5506xeon_e5-4660_v4xeon_x3360_firmwarexeon_e7520_firmwareceleron_g3900_firmwarexeon_e3-1505m_v5_firmwarexeon_d-2187ntcore_i5-8500b_firmwarexeon_e5-2643_v3_firmwareceleron_g4930core_i3-6100h_firmwarecore_i5-7600xeon_e5504core_i9-7940xxeon_w-3265_firmwarexeon_e5-2698_v3_firmwarexeon_7120n_firmwarexeon_e5530xeon_platinum_8253xeon_e5-2630l_v4xeon_e5-4667_v4big-ip_fraud_protection_servicexeon_lv_5128core_i3-8300xeon_e-2186gcore_i5-7400tcore_i3-5005uxeon_e5-2690_v4_firmwarexeon_e-2174gxeon_e5-2630_v4xeon_d-1622xeon_e5-4610_v3_firmwareceleron_g4932e_firmwarexeon_x5355_firmwarexeon_lc5528_firmwarecore_i5-7260uxeon_w-2145_firmwarexeon_e5-2643_v3xeon_d-2145ntxeon_e5450_firmwarexeon_e5-1650_v4big-ip_access_policy_managerxeon_gold_6238core_i7-7500u_firmwarexeon_e5-2630_v3xeon_e5-4627_v2_firmwarecore_i7-7800xxeon_e3-1275_v6_firmwarexeon_e7320core_i5-10210yxeon_e3-1225_v6_firmwarecore_i7-7820hk_firmwarexeon_e5-2623_v4xeon_e5-4620_v4_firmwarexeon_w-3275mxeon_e7420xeon_e7-8890_v4_firmwarecore_i5-10210u_firmwarexeon_x5460xeon_l5310xeon_d-1513n_firmwarexeon_e5540_firmwarecore_i3-7300t_firmwarexeon_e3-1265l_v4_firmwarexeon_e5-1620_v4_firmwareceleron_g4930exeon_e5472_firmwarepentium_gold_4410yxeon_x3350core_i5-9600xeon_e5-2637_v4_firmwarexeon_e3-1585l_v5_firmwarexeon_e7-8867_v4big-ip_local_traffic_managerxeon_e5410_firmwarexeon_5150_firmwarexeon_e5640xeon_e3-1281_v3pentium_gold_g5600t_firmwarexeon_lv_5133xeon_e-2224_firmwarexeon_x5272_firmwarexeon_e3-1240l_v3pentium_gold_6405uxeon_5050_firmwarecore_i5-9300h_firmwarexeon_e5345celeron_g1820xeon_e7-8880_v3core_i3-9320_firmwarexeon_l5630_firmwarexeon_gold_5220t_xeon_lv_5148xeon_3060core_i9-10940x_x-seriescore_i5-8400b_firmwarexeon_e3-1280_v6xeon_e7-8891_v3_firmwarecore_i5-5200uxeon_e3-1225_v3xeon_e7-4890_v2_firmwarecore_i3-8100_firmwarexeon_e5-2650l_v3_firmwarexeon_l5318_firmwarexeon_5030_firmwarexeon_e5-2697_v3xeon_w3580_firmwarexeon_e5-4603_v2xeon_e5-4627_v4xeon_e-2124core_i5-7287ucore_i7-10710uxeon_d-1541xeon_d-2141ixeon_e7-4830_v4xeon_e3-1275_v3xeon_e7-4809_v2xeon_e5310xeon_e5440_firmwarexeon_d-1633n_firmwarexeon_e-2276g_firmwarexeon_gold_6230n_firmwarexeon_e5-4620_v3_firmwarexeon_gold_5222core_i3-5015u_firmwarecore_i5-7300hq_firmwarexeon_x5260_firmwarexeon_e5-4607_v2core_i7-8706g_firmwarexeon_w-2133_firmwarecore_i3-6100hcore_i5-7400t_firmwarexeon_d-1548xeon_e5-4667_v4_firmwarepentium_gold_4415y_firmwarexeon_e3-1535m_v6xeon_d-1649nxeon_w5580xeon_platinum_9221xeon_l5638xeon_e5-2603_v4_firmwarecore_i7-10510y_firmwarexeon_e3-1220_v5core_i5-5257u_firmwarexeon_7040_firmwarexeon_5050xeon_e-2146g_firmwarexeon_5080xeon_e5-2403_v2xeon_l5335xeon_w3520_firmwarecore_i7-6700hqxeon_e5-2667_v3_firmwarexeon_x5482_firmwarecore_i7-7800x_firmwarexeon_w-2225_firmwarexeon_x7560_firmwarexeon_e5-2640_v2xeon_5120xeon_e5-2407_v2_firmwarexeon_gold_6238t_firmwarecore_i3-7100_firmwarexeon_e5320_firmwarexeon_e7-8891_v4_firmwarexeon_w-2155xeon_e-2278g_firmwarecore_i7-7500ucore_i7-8550uxeon_7110mxeon_l5320xeon_e5-2650l_v4_firmwareceleron_g1840_firmwareubuntu_linuxxeon_e5-2623_v3_firmwarexeon_x3480_firmwarexeon_lc3528_firmwarecore_i3-9100txeon_lv_5138xeon_d-1623nxeon_x7550xeon_3065xeon_w-2145pentium_gold_4425yxeon_e5-4650_v3_firmwarecore_m-5y71xeon_e5507_firmwarexeon_platinum_9222_firmwarexeon_platinum_8253_firmwarexeon_d-1622_firmwarexeon_e3-1585_v5_firmwarecore_i3-7167uxeon_e-2176g_firmwarexeon_e5-2620_v2core_i7-7567uceleron_g3900e_firmwarexeon_w-2295_firmwarecore_i3-8145u_firmwarexeon_silver_4214xeon_l5530xeon_d-2161ixeon_e3-1225_v3_firmwarexeon_d-2141i_firmwarecore_i7-7660u_firmwarexeon_e3-1585l_v5xeon_gold_5218bxeon_e7-2880_v2_firmwarexeon_e5-2670_v3xeon_e5-4640_v4_firmwarebig-iq_centralized_managementcore_i7-8750h_firmwarecore_i3-5010u_firmwarecore_i3-7300txeon_e5-1680_v4_firmwarexeon_silver_4216_firmwarexeon_e3-1271_v3_firmwarecore_m3-6y54_firmwarexeon_x5647core_i5-7y54_firmwarexeon_e-2246g_firmwarexeon_e5607xeon_e5-2648l_v4xeon_e5645_firmwarexeon_e-2174g_firmwarexeon_e5-4620_v4xeon_e7-8855_v4xeon_7040xeon_d-1513nxeon_d-1537xeon_d-2187nt_firmwarexeon_e3-1515m_v5xeon_x5660xeon_e3-1225_v5xeon_e5-2630l_v2xeon_l7555core_i5-7600_firmwarexeon_l3426xeon_w-3275m_firmwarexeon_5150xeon_e5-2667_v2xeon_e7-4890_v2xeon_e3-1515m_v5_firmwarexeon_lc3518xeon_e5-2630_v3_firmwarexeon_e7-4830_v2_firmwarexeon_w-3175xxeon_e3-1230l_v3_firmwarecore_i5-6267u_firmwarexeon_l5609xeon_gold_6222v_firmwarecore_i7-9750hxeon_platinum_8260_firmwarexeon_e7-8893_v2_firmwarexeon_w-2225xeon_e5-4669_v3xeon_ec5539_firmwarexeon_x3360core_i7-7560u_firmwarexeon_w-2133xeon_e5-1660_v2_firmwarexeon_d-1557xeon_e7-2890_v2_firmwarexeon_e7430_firmwarexeon_e7-2870_v2_firmwarepentium_gold_g5500_firmwarexeon_e7-8860_v3_firmwarexeon_e5-2670_v2_firmwarexeon_d-1553n_firmwarexeon_e5-2687w_v3_firmwarexeon_e5-4627_v2xeon_w-2223core_i9-7920x_firmwarexeon_x6550_firmwarexeon_e5-4620_v2xeon_e5-2470_v2_firmwarecore_i3-8300txeon_e3-1565l_v5_firmwarepentium_gold_g5620_firmwarexeon_ec5549_firmwarexeon_x3460_firmwarexeon_e-2236xeon_e-2236_firmwarexeon_e-2126g_firmwarexeon_gold_6238_firmwareceleron_g1820t_firmwarexeon_x5492xeon_e5640_firmwarecore_i9-7960x_firmwarexeon_x5570celeron_g3950xeon_e5-2640_v4_firmwarecore_i5-8400xeon_x5667_firmwarexeon_gold_6246core_i7-8086kxeon_x7460pentium_gold_g5500t_firmwarexeon_e5-2603_v3_firmwarexeon_e5-2603_v2xeon_d-1527_firmwarepentium_gold_5405u_firmwarebig-ip_domain_name_systemxeon_e5-2683_v4_firmwarexeon_w-3245m_firmwarexeon_e5-2628l_v4_firmwarexeon_e5-4628l_v4_firmwarexeon_e5-2603_v3xeon_e7-4850_v4_firmwarexeon_3065_firmwarexeon_gold_6240y_xeon_e7-8870_v3_firmwarexeon_w3540xeon_e5310_firmwarexeon_e-2134xeon_l3360xeon_e5-4655_v3core_i5-5350hxeon_e5-2620_v4_firmwarexeon_d-2163itxeon_e5220_firmwaresolariscore_i5-10310y_firmwarepentium_gold_4417uxeon_e5-4610a_v4_firmwarecore_i7-10510yxeon_gold_5215lxeon_e5-4655_v4xeon_silver_4215_firmwarecore_i5-7360u_firmwarexeon_w-2275_firmwarexeon_l5430xeon_e5-2658_v4xeon_e5-2440_v2xeon_l5335_firmwarexeon_x5272xeon_w3570_firmwarecore_i9-7960xceleron_g3900core_i7-7820xxeon_e7-8893_v3_firmwarecore_i5-9600kxeon_d-1531_firmwarecore_i7-7700hqxeon_e6510_firmwarexeon_e7-4830_v3xeon_e5-2420_v2_firmwarexeon_e5-2698_v3core_i3-9100t_firmwarexeon_e3-1245_v5xeon_l5508xeon_e7-8880_v3_firmwarexeon_7140m_firmwarexeon_e7-8857_v2_firmwarebig-ip_link_controllerxeon_d-1571xeon_gold_6240lxeon_e5-1620_v3xeon_5080_firmwarecore_i5-8350uxeon_w-3223_firmwarecore_m3-6y30_firmwarexeon_e7-8850_v2_firmwareceleron_g1830_firmwarexeon_d-2173itceleron_g3930xeon_d-2123itxeon_e-2246gceleron_g3930t_firmwarexeon_l5240_firmwarexeon_l5420xeon_gold_5218n_firmwarexeon_e5-2670_v3_firmwarexeon_e5-2637_v4xeon_w-2255_firmwarexeon_e3-1241_v3xeon_ec3539_firmwarexeon_e5-2695_v4_firmwarexeon_e5-2687w_v3xeon_x5677_firmwarecore_i5-5200u_firmwarexeon_e5-2680_v4xeon_e5-2697a_v4xeon_e7-4809_v3_firmwarexeon_gold_6242_firmwarexeon_d-1649n_firmwarexeon_e-2104g_firmwarexeon_e5-2609_v4core_i7-7920hqxeon_e3-1220_v3_firmwarexeon_e5503xeon_e5-2660_v2xeon_e5-1650_v2_firmwarexeon_w-2123_firmwarecore_m3-6y54core_i3-6100_firmwarecore_m-5y51xeon_e3-1270_v5xeon_d-1537_firmwarecore_i3-7350k_firmwarexeon_x5560_firmwarexeon_e7320_firmwarexeon_d-2166nt_firmwareceleron_g1840t_firmwarexeon_e3-1246_v3xeon_e5-2643_v4xeon_e5-2699a_v4xeon_7120nxeon_l5410celeron_g1840xeon_l3110core_i3-9300xeon_5160_firmwarexeon_e7-2870_v2xeon_e7-8860_v3xeon_e-2244gcore_i5\+8400xeon_e-2176gxeon_e5-2698_v4_firmwarexeon_7020_firmwarexeon_e5-2637_v2xeon_7140mceleron_g1630core_i7-8709gxeon_l3014_firmwarexeon_l7545_firmwarecore_i3-5020u_firmwarexeon_e7-4870_v2_firmwarexeon_l5640_firmwarexeon_3050xeon_e5-2650l_v4xeon_7120m_firmwarexeon_l5518_firmwarexeon_d-1529_firmwarepentium_gold_4417u_firmwarexeon_d-1637_firmwarecore_m3-8100y_firmwarexeon_e-2104gcore_i7-5950hqxeon_7030_firmwarexeon_e7-8850_v2xeon_e5-2695_v2core_i5-6260uxeon_5130xeon_e5-4640_v2_firmwarexeon_e5606_firmwarexeon_e5345_firmwarexeon_silver_4214_firmwareceleron_g4930_firmwarecore_i5-9500tceleron_g1610xeon_d-2143it_firmwarexeon_platinum_9242core_i5-7400xeon_platinum_8280lxeon_e7-4850_v3xeon_d-1523n_firmwarexeon_platinum_8280_firmwarexeon_e5-2697_v2xeon_x7350core_i3-7320xeon_e5205xeon_e7-8880l_v2_firmwarexeon_e5-4669_v3_firmwarecore_i9-9960x_x-seriesxeon_e3-1230_v6xeon_e7-8867_v3_firmwarexeon_e5-2430l_v2core_i5-1035g1xeon_w3580xeon_gold_6230ncore_i5-5250u_firmwarexeon_w-3265core_i7-8565u_firmwarexeon_gold_6246_firmwarexeon_e7-2850_v2pentium_gold_4425y_firmwarexeon_gold_5218nxeon_e5-2620_v4xeon_platinum_9221_firmwarexeon_e-2186g_firmwarexeon_ec5549xeon_e3-1276_v3xeon_w3530core_i5-7600t_firmwarexeon_e-2124gxeon_e3-1231_v3core_i9-7980xe_firmwarexeon_e6540core_i5-7440hq_firmwarexeon_e7-8880_v2xeon_e7-8891_v2_firmwarexeon_x3380xeon_e5462_firmwarexeon_gold_5220xeon_e-2234xeon_e7-8860_v4_firmwarexeon_d-1637xeon_d-1577celeron_g3930e_firmwarexeon_gold_6254xeon_silver_4209t_firmwarecore_i7-9850hcore_i7-9700t_firmwarexeon_x3210xeon_gold_5215l_firmwarecore_i7-7820x_firmwarexeon_e3110_firmwarexeon_e5-2640_v4xeon_e7-8893_v4core_i3-8130u_firmwarexeon_ec3539celeron_g3920core_i3-7100uceleron_g1850core_i5-5287uxeon_d-1653n_firmwarexeon_w-3275core_i5-7600kxeon_platinum_8270_firmwarexeon_e5-2640_v3_firmwarexeon_d-1553nxeon_e-2126gxeon_silver_4209txeon_e5-4620_v3xeon_gold_6234_firmwarexeon_d-1633ncore_i3-7100t_firmwareceleron_g1840tcore_i5-7360uxeon_e7-4820_v4xeon_e5-2650_v2_firmwarexeon_gold_5218t_firmwarexeon_gold_6248xeon_platinum_8260l_firmwarexeon_d-1518_firmwarexeon_e3-1220_v6xeon_e5649xeon_platinum_8280core_m3-8100ycore_m-5y70_firmwarecore_i5-8250u_firmwarexeon_e3-1246_v3_firmwarecore_i7-7567u_firmwarecore_i3-7320_firmwarecore_i5-8400_firmwarexeon_e5520_firmwarexeon_e5-4657l_v2_firmwarexeon_e3-1285_v4xeon_e5320xeon_x7550_firmwarecore_i7-7700hq_firmwarexeon_e3-1265l_v3_firmwarecore_i7-6820hkxeon_d-2146nt_firmwarexeon_e3-1230_v5_firmwarexeon_x5687xeon_e3-1275_v3_firmwarecore_i5-10310ycore_i9-10920x_x-series_firmwarexeon_gold_5218b_firmwarecore_i5-8400t_firmwarexeon_e7-8857_v2xeon_lv_5138_firmwarexeon_e-2286gxeon_gold_6222vcore_i9-9940x_x-series_firmwarexeon_5160xeon_x6550xeon_x5550_firmwarexeon_gold_6242xeon_x7542_firmwarexeon_e5-4610_v2xeon_e7-4820_v2xeon_e-2244g_firmwarexeon_e3-1575m_v5xeon_e7-8895_v2xeon_e7-8855_v4_firmwarexeon_platinum_8270xeon_e5-2650_v4xeon_x3450xeon_e5-2660_v4_firmwarexeon_d-1533nxeon_x3330_firmwarexeon_e3-1245_v6xeon_silver_4215xeon_w-3175x_firmwarexeon_l7445xeon_w-2235xeon_e5-2695_v4xeon_7140ncore_i7-6560u_firmwarecore_i3-8300_firmwareceleron_g4930tcore_i7-1065g7_firmwarecore_i5\+8500_firmwarexeon_gold_6238txeon_silver_4214yxeon_e5-2603_v4xeon_e5506_firmwarecore_i9-10980xexeon_e5-2643_v2xeon_e5-2695_v3_firmwarexeon_e7-8860_v4xeon_w3690_firmwarexeon_e5-2430l_v2_firmwarexeon_x3220_firmwarecore_i7-8809g_firmwarexeon_e7520xeon_e7-4880_v2xeon_e7-8867_v4_firmwareceleron_g4900core_i5-9400h_firmwarecore_i3-5010upentium_gold_g5400core_i3-6100xeon_ec5509xeon_l5520xeon_x5667core_i3-10110u_firmwarexeon_x3440_firmwarexeon_gold_6226core_i5-9500t_firmwarexeon_gold_6252xeon_e5410core_i7-6770hq_firmwarexeon_e5-4640_v3core_i7-5750hqcore_i5-6267upentium_gold_5405uceleron_g3900tecore_i3-1005g1core_i9-9920x_x-series_firmwarexeon_l3406xeon_gold_6252_firmwarexeon_e7210_firmwarecore_i5-8305gxeon_e5603_firmwarecore_i5-9400t_firmwarexeon_platinum_8260lcore_i7-8559uxeon_d-1602_firmwarexeon_e5540core_i7-9700_firmwarexeon_e-2146gxeon_d-2177ntxeon_w-2175xeon_e7-2880_v22019.2 IPU – Intel(R) Processor Machine Check Error
CWE ID-CWE-20
Improper Input Validation
CVE-2020-1983
Matching Score-8
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-8
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.79%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 19:30
Updated-16 Sep, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libslirp: use after free vulnerability cause a denial of service.

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.

Action-Not Available
Vendor-libslirp_projectslirpCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoralibslirpleaplibslirp
CWE ID-CWE-416
Use After Free
CVE-2020-18442
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.06% / 17.96%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 14:25
Updated-10 Jul, 2025 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file".

Action-Not Available
Vendor-gdraheimn/aFedora ProjectDebian GNU/Linux
Product-zziplibfedoradebian_linuxn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2009-1186
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.1||LOW
EPSS-0.09% / 25.81%
||
7 Day CHG~0.00%
Published-17 Apr, 2009 | 14:00
Updated-07 Aug, 2024 | 05:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.

Action-Not Available
Vendor-udev_projectn/aSUSEDebian GNU/LinuxFedora ProjectopenSUSECanonical Ltd.
Product-ubuntu_linuxlinux_enterprise_serverdebian_linuxopensusefedoralinux_enterprise_debuginfoudevlinux_enterprise_desktopn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-16092
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.8||LOW
EPSS-0.05% / 13.71%
||
7 Day CHG~0.00%
Published-11 Aug, 2020 | 15:55
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c.

Action-Not Available
Vendor-n/aopenSUSEQEMUCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxdebian_linuxqemuleapn/a
CWE ID-CWE-617
Reachable Assertion
CVE-2020-15564
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 8.33%
||
7 Day CHG~0.00%
Published-07 Jul, 2020 | 12:25
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info. The hypercall VCPUOP_register_vcpu_info is used by a guest to register a shared region with the hypervisor. The region will be mapped into Xen address space so it can be directly accessed. On Arm, the region is accessed with instructions that require a specific alignment. Unfortunately, there is no check that the address provided by the guest will be correctly aligned. As a result, a malicious guest could cause a hypervisor crash by passing a misaligned address. A malicious guest administrator may cause a hypervisor crash, resulting in a Denial of Service (DoS). All Xen versions are vulnerable. Only Arm systems are vulnerable. x86 systems are not affected.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectXen Project
Product-xendebian_linuxfedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-15469
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.3||LOW
EPSS-0.03% / 5.36%
||
7 Day CHG~0.00%
Published-02 Jul, 2020 | 19:25
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-15393
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.73%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 21:58
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2020-15563
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 8.92%
||
7 Day CHG~0.00%
Published-07 Jul, 2020 | 12:23
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A malicious or buggy HVM guest may cause the hypervisor to crash, resulting in Denial of Service (DoS) affecting the entire host. Xen versions from 4.8 onwards are affected. Xen versions 4.7 and earlier are not affected. Only x86 systems are affected. Arm systems are not affected. Only x86 HVM guests using shadow paging can leverage the vulnerability. In addition, there needs to be an entity actively monitoring a guest's video frame buffer (typically for display purposes) in order for such a guest to be able to leverage the vulnerability. x86 PV guests, as well as x86 HVM guests using hardware assisted paging (HAP), cannot leverage the vulnerability.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxopenSUSEXen Project
Product-xendebian_linuxfedoraleapn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-15305
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 33.22%
||
7 Day CHG~0.00%
Published-26 Jun, 2020 | 00:38
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.

Action-Not Available
Vendor-openexrn/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoraopenexrleapn/a
CWE ID-CWE-416
Use After Free
CVE-2020-15859
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.03% / 5.43%
||
7 Day CHG~0.00%
Published-21 Jul, 2020 | 15:25
Updated-04 Aug, 2024 | 13:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-416
Use After Free
CVE-2020-15306
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.15% / 36.18%
||
7 Day CHG~0.00%
Published-26 Jun, 2020 | 00:38
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.

Action-Not Available
Vendor-openexrn/aCanonical Ltd.openSUSEFedora ProjectDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxfedoraopenexrleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-15566
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 5.68%
||
7 Day CHG~0.00%
Published-07 Jul, 2020 | 12:23
Updated-04 Aug, 2024 | 13:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is already in use, (2) the memory allocation failed, or (3) the port we try to allocate is higher than what is supported by the ABI (e.g., 2L or FIFO) used by the guest or the limit set by an administrator (max_event_channels in xl cfg). Due to the missing error checks, only (1) will be considered an error. All the other cases will provide a valid port and will result in a crash when trying to access the event channel. When the administrator configured a guest to allow more than 1023 event channels, that guest may be able to crash the host. When Xen is out-of-memory, allocation of new event channels will result in crashing the host rather than reporting an error. Xen versions 4.10 and later are affected. All architectures are affected. The default configuration, when guests are created with xl/libxl, is not vulnerable, because of the default event-channel limit.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2017-12809
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.37%
||
7 Day CHG~0.00%
Published-23 Aug, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

QEMU (aka Quick Emulator), when built with the IDE disk and CD/DVD-ROM Emulator support, allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by flushing an empty CDROM device drive.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2008-4407
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.05% / 16.36%
||
7 Day CHG~0.00%
Published-03 Oct, 2008 | 17:18
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which allows local users to cause a denial of service (application unavailability) by creating a /tmp/sabre.log file that cannot be overwritten.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-xsabren/a
CVE-2022-42314
Matching Score-8
Assigner-Xen Project
ShareView Details
Matching Score-8
Assigner-Xen Project
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 13.33%
||
7 Day CHG~0.00%
Published-01 Nov, 2022 | 00:00
Updated-06 May, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction

Action-Not Available
Vendor-Fedora ProjectDebian GNU/LinuxXen Project
Product-debian_linuxfedoraxenxen
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-10806
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 27.22%
||
7 Day CHG~0.00%
Published-02 Aug, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in hw/usb/redirect.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU process crash) via vectors related to logging debug messages.

Action-Not Available
Vendor-n/aQEMUDebian GNU/Linux
Product-debian_linuxqemun/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-42311
Matching Score-8
Assigner-Xen Project
ShareView Details
Matching Score-8
Assigner-Xen Project
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 13.05%
||
7 Day CHG~0.00%
Published-01 Nov, 2022 | 00:00
Updated-06 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction

Action-Not Available
Vendor-Xen ProjectDebian GNU/LinuxFedora Project
Product-debian_linuxfedoraxenxen
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-42316
Matching Score-8
Assigner-Xen Project
ShareView Details
Matching Score-8
Assigner-Xen Project
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 13.33%
||
7 Day CHG~0.00%
Published-01 Nov, 2022 | 00:00
Updated-05 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction

Action-Not Available
Vendor-Xen ProjectDebian GNU/LinuxFedora Project
Product-xendebian_linuxfedoraxen
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2022-42315
Matching Score-8
Assigner-Xen Project
ShareView Details
Matching Score-8
Assigner-Xen Project
CVSS Score-6.5||MEDIUM
EPSS-0.05% / 13.33%
||
7 Day CHG~0.00%
Published-01 Nov, 2022 | 00:00
Updated-06 May, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Xenstore: guests can let run xenstored out of memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how guests can cause large memory allocations in xenstored: - - by issuing new requests to xenstored without reading the responses, causing the responses to be buffered in memory - - by causing large number of watch events to be generated via setting up multiple xenstore watches and then e.g. deleting many xenstore nodes below the watched path - - by creating as many nodes as allowed with the maximum allowed size and path length in as many transactions as possible - - by accessing many nodes inside a transaction

Action-Not Available
Vendor-Fedora ProjectDebian GNU/LinuxXen Project
Product-debian_linuxfedoraxenxen
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 20
  • 21
  • Next
Details not found