Описание
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1:2.5+dfsg-1ubuntu2 |
| esm-infra-legacy/trusty | released | 2.0.0+dfsg-2ubuntu1.22 |
| precise | DNE | |
| trusty | released | 2.0.0+dfsg-2ubuntu1.22 |
| trusty/esm | released | 2.0.0+dfsg-2ubuntu1.22 |
| upstream | needs-triage | |
| vivid | ignored | end of life |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | released | 1:2.3+dfsg-5ubuntu9.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise | released | 1.0+noroms-0ubuntu14.27 |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| vivid | DNE | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | DNE |
Показывать по
6.9 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg. ...
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.
ELSA-2016-0083: qemu-kvm security and bug fix update (IMPORTANT)
6.9 Medium
CVSS2
8.1 High
CVSS3