QwikSec

Security Database

CVE

CWE

Training

CVE-2016-6351

Published: Sep 7, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The esp_do_dma function in hw/scsi/esp.c in QEMU (aka Quick Emulator), when built with ESP/NCR53C9x controller emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the QEMU host via vectors involving DMA read into ESP command buffer.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=cc96677469388bad3d66479379735cf75db069e3

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

[oss-security] 20160726 CVE request Qemu: scsi: esp: oob write access while reading ESP command

mailing-list

x_refsource_MLIST

[oss-security] 20160726 Re: CVE request Qemu: scsi: esp: oob write access while reading ESP command

mailing-list

x_refsource_MLIST

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=926cde5f3e4d2504ed161ed0cb771ac7cad6fd11

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.