6

CVE-2016-7422

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QemuQemu Version <= 2.7.1
OpensuseLeap Version42.2
RedhatOpenstack Version6.0
RedhatOpenstack Version7.0
RedhatOpenstack Version8
RedhatOpenstack Version9
RedhatOpenstack Version10
RedhatOpenstack Version11
RedhatVirtualization Version4.0
   RedhatEnterprise Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.281
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6 1.5 4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

https://security.gentoo.org/glsa/201609-01
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2392
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2408
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html
Third Party Advisory
Mailing List
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=973e7170dddefb491a48df5cba33b2ae151013a0
http://www.openwall.com/lists/oss-security/2016/09/16/10
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2016/09/16/4
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/92996
Third Party Advisory
VDB Entry
https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg03546.html
Patch
Third Party Advisory