Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-9911

Опубликовано: 08 нояб. 2016
Источник: redhat
CVSS3: 3
CVSS2: 2.3
EPSS Низкий

Описание

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmWill not fix
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 10.0 (Newton)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 11.0 (Ocata)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017
Red Hat OpenStack Platform 8.0 (Liberty)qemu-kvm-rhevFixedRHSA-2017:240801.08.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-244
https://bugzilla.redhat.com/show_bug.cgi?id=1402272Qemu: usb: ehci: memory leakage in ehci_init_transfer

EPSS

Процентиль: 36%
0.00153
Низкий

3 Low

CVSS3

2.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-9911

CVSS3: 6.5
ubuntu
около 9 лет назад

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

nvd логотип

CVE-2016-9911

CVSS3: 6.5
nvd
около 9 лет назад

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

debian логотип

CVE-2016-9911

CVSS3: 6.5
debian
около 9 лет назад

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vul ...

github логотип

GHSA-hq78-7w28-92xm

CVSS3: 6.5
github
больше 3 лет назад

Quick Emulator (Qemu) built with the USB EHCI Emulation support is vulnerable to a memory leakage issue. It could occur while processing packet data in 'ehci_init_transfer'. A guest user/process could use this issue to leak host memory, resulting in DoS for a host.

fstec логотип

BDU:2017-00073

fstec
около 9 лет назад

Уязвимость эмулятора аппаратного обеспечения QEMU, позволяющая нарушителю нарушить конфиденциальность, целостность и доступность данных

EPSS

Процентиль: 36%
0.00153
Низкий

3 Low

CVSS3

2.3 Low

CVSS2