Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-9916

Опубликовано: 29 дек. 2016
Источник: debian

Описание

Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
qemufixed1:2.8+dfsg-1package
qemuno-dsawheezypackage
qemu-kvmremovedpackage
qemu-kvmno-dsawheezypackage

Примечания

  • https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg03278.html

  • Fixed by: http://git.qemu.org/?p=qemu.git;a=commit;h=898ae90a44551d25b8e956fd87372d303c82fe68 (v2.8.0-rc2)

  • Proxy filesystem driver introduced in: http://git.qemu.org/?p=qemu.git;a=commit;h=4c793dda22213a7aba8e4d9a814e8f368a5f8bf7 (v1.0-rc0)

  • https://www.openwall.com/lists/oss-security/2016/12/06/11

Связанные уязвимости

ubuntu логотип

CVE-2016-9916

CVSS3: 6.5
ubuntu
около 9 лет назад

Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.

redhat логотип

CVE-2016-9916

CVSS3: 3
redhat
около 9 лет назад

Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.

nvd логотип

CVE-2016-9916

CVSS3: 6.5
nvd
около 9 лет назад

Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.

github логотип

GHSA-hphm-mg6m-84m8

CVSS3: 6.5
github
больше 3 лет назад

Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend.

fstec логотип

BDU:2017-00068

fstec
около 9 лет назад

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю вызвать отказ в обслуживании