Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-9777

Опубликовано: 28 дек. 2016
Источник: debian
EPSS Низкий

Описание

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed4.8.15-1package
linuxnot-affectedjessiepackage
linuxnot-affectedwheezypackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1400804

  • Fixed by: https://git.kernel.org/linus/81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755 (v4.9-rc7)

  • Introduced in: https://git.kernel.org/linus/af1bae5497b98cb99d6b0492e6981f060420a00c (v4.8-rc1)

  • https://www.openwall.com/lists/oss-security/2016/12/02/2

EPSS

Процентиль: 21%
0.00067
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-9777

CVSS3: 7.8
ubuntu
около 9 лет назад

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.

redhat логотип

CVE-2016-9777

CVSS3: 8
redhat
около 9 лет назад

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.

nvd логотип

CVE-2016-9777

CVSS3: 7.8
nvd
около 9 лет назад

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.

github логотип

GHSA-2x32-fffh-53mr

CVSS3: 7.8
github
больше 3 лет назад

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.

EPSS

Процентиль: 21%
0.00067
Низкий