CVE-2016-7155

Published: Dec 10, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20160906 Re: CVE request: Qemu: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings

mailing-list

x_refsource_MLIST

92772

vdb-entry

x_refsource_BID

[qemu-devel] 20160901 [PATCH v3] scsi: check page count while initialising descriptor rings

mailing-list

x_refsource_MLIST

http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=7f61f4690dd153be98900a2a508b88989e692753

x_refsource_CONFIRM

[oss-security] 20160906 CVE request: Qemu: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-7155

Description

Affected Products

References