Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-6836

Опубликовано: 11 авг. 2016
Источник: redhat
CVSS3: 2.4
CVSS2: 2.3
EPSS Низкий

Описание

The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.

Quick Emulator (QEMU) built with the VMWARE VMXNET3 NIC device support is vulnerable to an information leakage issue. The vulnerability could occur while processing the transmit(tx) queue when it reaches the end of a packet. A privileged user inside guest could use this vulnerability to leak host memory bytes to a guest.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmAffected
Red Hat Enterprise Linux 7qemu-kvm-rhevAffected
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevAffected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)qemu-kvm-rhevAffected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)qemu-kvm-rhevAffected
Red Hat OpenStack Platform 8 (Liberty)qemu-kvm-rhevAffected
Red Hat OpenStack Platform 9 (Mitaka)qemu-kvm-rhevAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=1366369Qemu: net: vmxnet: Information leakage in vmxnet3_complete_packet

EPSS

Процентиль: 23%
0.00075
Низкий

2.4 Low

CVSS3

2.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-6836

CVSS3: 6
ubuntu
около 9 лет назад

The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.

nvd логотип

CVE-2016-6836

CVSS3: 6
nvd
около 9 лет назад

The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.

debian логотип

CVE-2016-6836

CVSS3: 6
debian
около 9 лет назад

The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka ...

github логотип

GHSA-rpvr-65rv-4fvq

CVSS3: 6
github
больше 3 лет назад

The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.

suse-cvrf логотип

SUSE-SU-2016:2507-1

suse-cvrf
больше 9 лет назад

Security update for xen

EPSS

Процентиль: 23%
0.00075
Низкий

2.4 Low

CVSS3

2.3 Low

CVSS2