Lucene search

K

PRIOn knowledge basePRION:CVE-2016-5126

HistoryJun 01, 2016 - 10:59 p.m.

Heap overflow

2016-06-0122:59:00

PRIOn knowledge base

www.prio-n.com

5

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

22.7%

Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allows local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq12.04
ubuntu_linuxeq14.04
debian_linuxeq8.0
linuxeq7
qemule2.6.2
enterprise_linux_desktopeq7.0
enterprise_linux_euseq7.3
enterprise_linux_euseq7.4
enterprise_linux_euseq7.5

Rows per page:

1-10 of 301

References

git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=a6b3167fa0e825aebb5a7cd8b437b6d41584a196

rhn.redhat.com/errata/RHSA-2016-1606.html

rhn.redhat.com/errata/RHSA-2016-1607.html

rhn.redhat.com/errata/RHSA-2016-1653.html

rhn.redhat.com/errata/RHSA-2016-1654.html

rhn.redhat.com/errata/RHSA-2016-1655.html

rhn.redhat.com/errata/RHSA-2016-1756.html

rhn.redhat.com/errata/RHSA-2016-1763.html

www.openwall.com/lists/oss-security/2016/05/30/6

www.openwall.com/lists/oss-security/2016/05/30/7

www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

www.securityfocus.com/bid/90948

www.ubuntu.com/usn/USN-3047-1

www.ubuntu.com/usn/USN-3047-2

bugzilla.redhat.com/show_bug.cgi?id=1340924

lists.debian.org/debian-lts-announce/2019/09/msg00021.html

lists.gnu.org/archive/html/qemu-block/2016-05/msg00779.html

security.gentoo.org/glsa/201609-01

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

22.7%

Related for PRION:CVE-2016-5126

veracode1 cve1 redhatcve1 debiancve1 ubuntucve1 redhat7 nessus20 openvas15 centos1 oraclelinux2 osv1 debian1 fedora1 ubuntu2 suse7 gentoo1 ibm1