Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-5126

Опубликовано: 01 июн. 2016
Источник: debian
EPSS Низкий

Описание

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qemufixed1:2.6+dfsg-2package
qemunot-affectedwheezypackage
qemu-kvmremovedpackage
qemu-kvmnot-affectedwheezypackage

Примечания

  • https://lists.gnu.org/archive/html/qemu-block/2016-05/msg00779.html

  • Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=a6b3167fa0e825aebb5a7cd8b437b6d41584a196

  • https://bugzilla.redhat.com/show_bug.cgi?id=1340924

  • https://www.openwall.com/lists/oss-security/2016/05/30/6

EPSS

Процентиль: 39%
0.0017
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-5126

CVSS3: 7.8
ubuntu
больше 9 лет назад

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

redhat логотип

CVE-2016-5126

CVSS3: 5.4
redhat
больше 9 лет назад

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

nvd логотип

CVE-2016-5126

CVSS3: 7.8
nvd
больше 9 лет назад

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

github логотип

GHSA-qgv9-9qpm-r86f

CVSS3: 7.8
github
больше 3 лет назад

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

oracle-oval логотип

ELSA-2016-1606

oracle-oval
около 9 лет назад

ELSA-2016-1606: qemu-kvm security update (MODERATE)

EPSS

Процентиль: 39%
0.0017
Низкий