Back to search
CVE-2016-1714
Published: Apr 7, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20160112 Re: CVE request Qemu: nvram: OOB r/w access in processing firmware configurations
mailing-list
x_refsource_MLIST
RHSA-2016:0083
vendor-advisory
x_refsource_REDHAT
RHSA-2016:0085
vendor-advisory
x_refsource_REDHAT
RHSA-2016:0086
vendor-advisory
x_refsource_REDHAT
[oss-security] 20160112 Re: Re: CVE request Qemu: nvram: OOB r/w access in processing firmware configurations
mailing-list
x_refsource_MLIST
[oss-security] 20160111 CVE request Qemu: nvram: OOB r/w access in processing firmware configurations
mailing-list
x_refsource_MLIST
1034858
vdb-entry
x_refsource_SECTRACK
[Qemu-devel] 20160106 [PATCH v2 for v2.3.0] fw_cfg: add check to validate current entry value
mailing-list
x_refsource_MLIST
RHSA-2016:0081
vendor-advisory
x_refsource_REDHAT
80250
vdb-entry
x_refsource_BID
GLSA-201604-01
vendor-advisory
x_refsource_GENTOO
DSA-3469
vendor-advisory
x_refsource_DEBIAN
DSA-3470
vendor-advisory
x_refsource_DEBIAN
RHSA-2016:0082
vendor-advisory
x_refsource_REDHAT
RHSA-2016:0087
vendor-advisory
x_refsource_REDHAT
RHSA-2016:0084
vendor-advisory
x_refsource_REDHAT
DSA-3471
vendor-advisory
x_refsource_DEBIAN
RHSA-2016:0088
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now