Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-6888

Опубликовано: 10 дек. 2016
Источник: nvd
CVSS3: 4.4
CVSS2: 2.1
EPSS Низкий

Описание

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
Версия до 2.6.2 (включая)
cpe:2.3:a:qemu:qemu:2.7.0:rc0:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.7.0:rc1:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.7.0:rc2:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.7.0:rc3:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*

EPSS

Процентиль: 27%
0.00098
Низкий

4.4 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2016-6888

CVSS3: 4.4
ubuntu
около 9 лет назад

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

redhat логотип

CVE-2016-6888

CVSS3: 3.5
redhat
больше 9 лет назад

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

debian логотип

CVE-2016-6888

CVSS3: 4.4
debian
около 9 лет назад

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt. ...

github логотип

GHSA-fxc3-452x-46r5

CVSS3: 4.4
github
больше 3 лет назад

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

suse-cvrf логотип

SUSE-SU-2016:2507-1

suse-cvrf
больше 9 лет назад

Security update for xen

EPSS

Процентиль: 27%
0.00098
Низкий

4.4 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-190