CVE-2023-2861 - Breaking Out of the QEMU 9pfs Jail – How One Flaw Threatens Virtual Machines
---
Introduction
Virtual machines (VMs) and containers often rely on sharing filesystems securely between the guest and the host. QEMU's 9pfs ("Plan
CVE-2023-3255 - Denial of Service via Infinite Loop in QEMU VNC Server Clipboard Handling
In June 2023, the security community uncovered a serious flaw—CVE-2023-3255—in the QEMU virtualization suite, specifically in its built-in VNC server. This vulnerability centers
CVE-2023-3180: Vulnerability in QEMU Virtual Crypto Device May Lead to Heap Buffer Overflow
A security vulnerability, dubbed as CVE-2023-3180, has been discovered in the QEMU virtual crypto device's handling of data encryption/decryption requests. This flaw
CVE-2023-3019 - Exploiting a Use-After-Free in QEMU's e100e NIC Emulation for Denial of Service
QEMU is widely used for hardware emulation—especially for Virtual Machines (VMs). But this power comes with risk: poorly handled virtual hardware can open dangerous
CVE-2022-4172 - Explaining the Integer and Buffer Overflow Bugs in QEMU’s ACPI ERST Device
Security vulnerabilities in virtualization software like QEMU are a big deal—they can let a malicious virtual machine mess with, or even crash, the host
Episode
00:00:00
00:00:00