SB2016080933 - Denial of service in QEMU

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016080933

SB2016080933 - Denial of service in QEMU

Published: August 9, 2016

Security Bulletin ID SB2016080933
Severity
Low
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Adjecent network
Highest impact Denial of service

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Packet fragmentation bug in Vmxnet3 device emulator (CVE-ID: N/A)

The vulnerability allows an adjacent user to cause denial of service conditions on the host system.

The vulnerability exists due a packet framentation bug. An adjacent attacker can cause the target host system to enter an infinite loop and crash.

Successful exploitation of this vulnerability may result in denial of service via network.

2) A use-after-free memory error in Vmxnet3 device emulator (CVE-ID: N/A)

The vulnerability allows an adjacent attacker to cause denial of service conditions on the host system.

The vulnerability exists due to a use-after-free memory error in Vmxnet3 device emulator. An adjacent user can cause denial of service conditions on the host system.
Systems with VMWARE VMXNET3 NIC device support are affected when the device is disabled.

Successful exploitation of this vulnerability may result in denial of service via network.

Remediation

Install update from vendor's website.

References