5.5

CVE-2016-5403

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version16.04 SwEditionlts
OracleLinux Version5 Update-
OracleLinux Version6
OracleLinux Version7
OracleVm Server Version3.4 HwPlatformx86
QemuQemu Version <= 2.6.0
QemuQemu Version2.7.0 Updaterc0
DebianDebian Linux Version8.0
RedhatOpenstack Version5.0
RedhatOpenstack Version6.0
RedhatOpenstack Version7.0
RedhatOpenstack Version8
RedhatOpenstack Version9
RedhatVirtualization Version3.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.52% 0.402
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.9 3.9 6.9
AV:L/AC:L/Au:N/C:N/I:N/A:C
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource.

http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1943.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-3047-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-3047-2
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1606.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1607.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1653.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1654.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1655.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1756.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1763.html
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/09/msg00021.html
Third Party Advisory
Mailing List
http://rhn.redhat.com/errata/RHSA-2016-1585.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1586.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1652.html
Third Party Advisory
http://www.securityfocus.com/bid/92148
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036476
Third Party Advisory
VDB Entry
http://xenbits.xen.org/xsa/advisory-184.html
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1358359
Third Party Advisory
Issue Tracking