CVE-2016-7423

Опубликовано: 15 сент. 2016

Источник: redhat

CVSS3: 4.4

CVSS2: 3.8

Описание

The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator), when built with LSI SAS1068 Host Bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors involving MPTSASRequest objects.

A flaw was found in the Quick Emulator(QEMU) built with LSI SAS1068 Host Bus emulation support, where it is vulnerable to an invalid memory-access issue. The flaw could occur while processing SCSI IO requests in the mptsas_process_scsi_io_request routine. A privileged user inside the guest could use this flaw to crash the QEMU-process instance on the host (denial of service).

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kvm	Not affected
Red Hat Enterprise Linux 5	xen	Not affected
Red Hat Enterprise Linux 6	qemu-kvm	Not affected
Red Hat Enterprise Linux 7	qemu-kvm	Will not fix
Red Hat Enterprise Linux 7	qemu-kvm-rhev	Will not fix
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)	qemu-kvm-rhev	Not affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)	qemu-kvm-rhev	Not affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)	qemu-kvm-rhev	Not affected
Red Hat OpenStack Platform 10 (Newton)	qemu-kvm-rhev	Not affected
Red Hat OpenStack Platform 8 (Liberty)	qemu-kvm-rhev	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-787

https://bugzilla.redhat.com/show_bug.cgi?id=1376776Qemu: scsi: mptsas: OOB access when freeing MPTSASRequest object

4.4 Medium

CVSS3

3.8 Low

CVSS2

Связанные уязвимости

CVE-2016-7423

CVSS3: 4.4

ubuntu

больше 9 лет назад

CVE-2016-7423

CVSS3: 4.4

nvd

больше 9 лет назад

CVE-2016-7423

CVSS3: 4.4

debian

больше 9 лет назад

The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulato ...

GHSA-wv4v-cwg3-f8c9

CVSS3: 4.4

github

больше 3 лет назад

4.4 Medium

CVSS3

3.8 Low

CVSS2