Lucene search

[email protected]CVE-2016-1714

HistoryApr 07, 2016 - 7:59 p.m.

CVE-2016-1714

2016-04-0719:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2016-1714

qemu

firmware configuration

denial of service

out-of-bounds access

arbitrary code

nvd

8.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

74.2%

JSON

The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.

CPENameOperatorVersion
redhat:openstackredhat openstackeq5.0
oracle:linuxoracle linuxeq6
oracle:linuxoracle linuxeq7
qemu:qemuqemule2.3.0

CPE	Name	Operator	Version
redhat:openstack	redhat openstack	eq	5.0
oracle:linux	oracle linux	eq	6
oracle:linux	oracle linux	eq	7
qemu:qemu	qemu	le	2.3.0

References

rhn.redhat.com/errata/RHSA-2016-0081.html

rhn.redhat.com/errata/RHSA-2016-0082.html

rhn.redhat.com/errata/RHSA-2016-0083.html

rhn.redhat.com/errata/RHSA-2016-0084.html

rhn.redhat.com/errata/RHSA-2016-0085.html

rhn.redhat.com/errata/RHSA-2016-0086.html

rhn.redhat.com/errata/RHSA-2016-0087.html

rhn.redhat.com/errata/RHSA-2016-0088.html

www.debian.org/security/2016/dsa-3469

www.debian.org/security/2016/dsa-3470

www.debian.org/security/2016/dsa-3471

www.openwall.com/lists/oss-security/2016/01/11/7

www.openwall.com/lists/oss-security/2016/01/12/10

www.openwall.com/lists/oss-security/2016/01/12/11

www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

www.securityfocus.com/bid/80250

www.securitytracker.com/id/1034858

lists.gnu.org/archive/html/qemu-devel/2016-01/msg00428.html

security.gentoo.org/glsa/201604-01

8.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

74.2%

JSON

Related for CVE-2016-1714

f52 oraclelinux4 nessus32 redhat8 openvas30 prion1 veracode1 centos2 ubuntucve1 debiancve1 ibm2 debian6 osv3 gentoo1 fedora2 mageia1 ubuntu1 suse13