Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-6888

Опубликовано: 09 авг. 2016
Источник: redhat
CVSS3: 3.5
CVSS2: 2.3
EPSS Низкий

Описание

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmWill not fix
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 10.0 (Newton)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 11.0 (Ocata)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 8.0 (Liberty)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1369031Qemu: net: vmxnet: integer overflow in packet initialisation

EPSS

Процентиль: 27%
0.00098
Низкий

3.5 Low

CVSS3

2.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-6888

CVSS3: 4.4
ubuntu
около 9 лет назад

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

nvd логотип

CVE-2016-6888

CVSS3: 4.4
nvd
около 9 лет назад

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

debian логотип

CVE-2016-6888

CVSS3: 4.4
debian
около 9 лет назад

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt. ...

github логотип

GHSA-fxc3-452x-46r5

CVSS3: 4.4
github
больше 3 лет назад

Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.

suse-cvrf логотип

SUSE-SU-2016:2507-1

suse-cvrf
больше 9 лет назад

Security update for xen

EPSS

Процентиль: 27%
0.00098
Низкий

3.5 Low

CVSS3

2.3 Low

CVSS2