Back to search
CVE-2016-1568
Published: Apr 8, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2016:0086
vendor-advisory
x_refsource_REDHAT
[oss-security] 20160109 Re: Qemu: ide: ahci use-after-free vulnerability in aio port commands
mailing-list
x_refsource_MLIST
80191
vdb-entry
x_refsource_BID
1034859
vdb-entry
x_refsource_SECTRACK
DSA-3469
vendor-advisory
x_refsource_DEBIAN
DSA-3470
vendor-advisory
x_refsource_DEBIAN
RHSA-2016:0087
vendor-advisory
x_refsource_REDHAT
RHSA-2016:0084
vendor-advisory
x_refsource_REDHAT
DSA-3471
vendor-advisory
x_refsource_DEBIAN
GLSA-201602-01
vendor-advisory
x_refsource_GENTOO
RHSA-2016:0088
vendor-advisory
x_refsource_REDHAT
[oss-security] 20160109 Qemu: ide: ahci use-after-free vulnerability in aio port commands
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now