Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-9923

Опубликовано: 24 нояб. 2016
Источник: redhat
CVSS3: 4.1
CVSS2: 2.3
EPSS Низкий

Описание

Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kvmNot affected
Red Hat Enterprise Linux 5xenNot affected
Red Hat Enterprise Linux 6qemu-kvmNot affected
Red Hat Enterprise Linux 7qemu-kvmWill not fix
Red Hat Enterprise Linux 7qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)qemu-kvm-rhevWill not fix
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)qemu-kvm-rhevWill not fix
Red Hat OpenStack Platform 8 (Liberty)qemu-kvm-rhevWill not fix
Red Hat OpenStack Platform 9 (Mitaka)qemu-kvm-rhevWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1402967Qemu: char: use-after-free issue during hotplug and unplugging device

EPSS

Процентиль: 36%
0.00151
Низкий

4.1 Medium

CVSS3

2.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-9923

CVSS3: 5.5
ubuntu
около 9 лет назад

Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.

nvd логотип

CVE-2016-9923

CVSS3: 5.5
nvd
около 9 лет назад

Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.

debian логотип

CVE-2016-9923

CVSS3: 5.5
debian
около 9 лет назад

Quick Emulator (Qemu) built with the 'chardev' backend support is vuln ...

github логотип

GHSA-chcq-mx34-rm7h

CVSS3: 5.5
github
больше 3 лет назад

Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.

EPSS

Процентиль: 36%
0.00151
Низкий

4.1 Medium

CVSS3

2.3 Low

CVSS2