CVE-2016-4020

Published: May 25, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=691a02e2ce0c413236a78dee6f2651c937b09fb0

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1313686

x_refsource_CONFIRM

[qemu-devel] 20160407 [Qemu-devel] [PATCH] i386: kvmvapic: initialise imm32 variable

mailing-list

x_refsource_MLIST

86067

vdb-entry

x_refsource_BID

[qemu-devel] 20160407 Re: [Qemu-devel] [PATCH] i386: kvmvapic: initialise imm32 variable

mailing-list

x_refsource_MLIST

RHSA-2017:2392

vendor-advisory

x_refsource_REDHAT

GLSA-201609-01

vendor-advisory

x_refsource_GENTOO

USN-2974-1

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update

mailing-list

x_refsource_MLIST

RHSA-2017:2408

vendor-advisory

x_refsource_REDHAT

RHSA-2017:1856

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-4020

Description

Affected Products

References