Back to search
CVE-2016-5238
Published: Jun 14, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
USN-3047-1
vendor-advisory
x_refsource_UBUNTU
[qemu-devel] 20160601 Re: [Qemu-devel] [PATCH] scsi: check buffer length before reading scsi command
mailing-list
x_refsource_MLIST
[qemu-devel] 20160531 [Qemu-devel] [PATCH] scsi: check buffer length before reading scsi command
mailing-list
x_refsource_MLIST
[oss-security] 20160602 CVE Request Qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd
mailing-list
x_refsource_MLIST
GLSA-201609-01
vendor-advisory
x_refsource_GENTOO
USN-3047-2
vendor-advisory
x_refsource_UBUNTU
90995
vdb-entry
x_refsource_BID
[oss-security] 20160602 Re: CVE Request Qemu: scsi: esp: OOB write when using non-DMA mode in get_cmd
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1341931
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now