CVE-2016-7161

Опубликовано: 05 окт. 2016

Источник: debian

EPSS Низкий

Описание

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
qemu	fixed	1:2.7+dfsg-1		package
qemu-kvm	removed			package

Примечания

http://git.qemu.org/?p=qemu.git;a=commit;h=a0d1cbdacff5df4ded16b753b38fdd9da6092968 (2.7.0-rc3)
http://patchwork.ozlabs.org/patch/657076/

EPSS

Процентиль: 89%

0.05178

Низкий

Связанные уязвимости

CVE-2016-7161

CVSS3: 9.8

ubuntu

больше 8 лет назад

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.

CVE-2016-7161

CVSS3: 7.1

redhat

почти 9 лет назад

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.

CVE-2016-7161

CVSS3: 9.8

nvd

больше 8 лет назад

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.

CVE-2016-7161

CVSS3: 9.8

msrc

больше 4 лет назад

Описание отсутствует

GHSA-9mvr-f38r-9r65

CVSS3: 9.8

github

около 3 лет назад

Heap-based buffer overflow in the .receive callback of xlnx.xps-ethernetlite in QEMU (aka Quick Emulator) allows attackers to execute arbitrary code on the QEMU host via a large ethlite packet.

EPSS

Процентиль: 89%

0.05178

Низкий