[go: up one dir, main page]
|
|
Log in / Subscribe / Register

qemu: denial of service

Package(s):qemu CVE #(s):CVE-2016-5107
Created:June 8, 2016 Updated:June 8, 2016
Description: From the Arch Linux advisory:

Quick Emulator(Qemu) built with the MegaRAID SAS 8708EM2 Host Bus Adapter emulation support is vulnerable to an out-of-bounds read access issue. It could occur while looking up MegaRAID Firmware Interface(MFI) command frames in 'megasas_lookup_frame' routine. A privileged user inside guest could use this flaw to read invalid memory leading to crash the Qemu process on the host.

Alerts:
openSUSE openSUSE-SU-2016:2642-1 qemu 2016-10-26
SUSE SUSE-SU-2016:2589-1 qemu 2016-10-21
SUSE SUSE-SU-2016:2533-1 xen 2016-10-13
openSUSE openSUSE-SU-2016:2497-1 xen 2016-10-11
openSUSE openSUSE-SU-2016:2494-1 xen 2016-10-11
Gentoo 201609-01 qemu 2016-09-25
SUSE SUSE-SU-2016:2100-1 xen 2016-08-18
SUSE SUSE-SU-2016:2093-1 xen 2016-08-17
Ubuntu USN-3047-2 qemu, qemu-kvm 2016-08-12
Ubuntu USN-3047-1 qemu, qemu-kvm 2016-08-04
Fedora FEDORA-2016-ea3002b577 qemu 2016-07-02
Fedora FEDORA-2016-73853a7a16 qemu 2016-07-02
Fedora FEDORA-2016-a80eab65ba qemu 2016-06-25
Arch Linux ASA-201606-8 qemu-arch-extra 2016-06-08
Arch Linux ASA-201606-8 qemu 2016-06-08
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds