DSA-4760-1 qemu -- qemuID: oval:org.secpod.oval:def:66753 | Date: (C)2020-11-09 (M)2022-11-23 |
Class: PATCH | Family: unix |
Multiple security issues were discovered in QEMU, a fast processor emulator: CVE-2020-12829 An integer overflow in the sm501 display device may result in denial of service. CVE-2020-14364 An out-of-bands write in the USB emulation code may result in guest-to-host code execution. CVE-2020-15863 A buffer overflow in the XGMAC network device may result in denial of service or the execution of arbitrary code. CVE-2020-16092 A triggerable assert in the e1000e and vmxnet3 devices may result in denial of service.