QEMU Security Notices

If you believe you have identified a new security issue in QEMU, please follow the security process to report it in a non-public way. Do NOT use the bug tracker, mailing lists, or IRC to report non-public security issues.

• QSN-2018-011: CCID integer overflow reading data
• QSN-2018-010: Ignore network packet sizes larger than INT_MAX
• QSN-2018-009: pcnet integer overflow accessing buffer
• QSN-2018-008: rtl8139 integer overflow accessing buffer
• QSN-2018-007: qemu-guest-agent integer overflow reading guest file
• QSN-2018-006: slirp buffer overflow assembling fragmented datastream
• QSN-2018-005: ne2000 integer overflow in buffer access
• QSN-2018-004: Cirrus out of bounds access updating VGA display
• QSN-2018-003: Multiboot out of bounds loading kernel
• QSN-2018-002: VGA out of bounds in vga_draw_text
• QSN-2018-001: Speculative store bypass

Alternative formats: [xml]