Back to search
CVE-2016-7157
Published: Dec 10, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The (1) mptsas_config_manufacturing_1 and (2) mptsas_config_ioc_0 functions in hw/scsi/mptconfig.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via vectors involving MPTSAS_CONFIG_PACK.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
92775
vdb-entry
x_refsource_BID
GLSA-201609-01
vendor-advisory
x_refsource_GENTOO
[qemu-devel] 20160831 [PATCH 2/2] scsi: mptconfig: fix an assert expression
mailing-list
x_refsource_MLIST
[oss-security] 20160906 CVE Request Qemu: scsi: mptsas: invalid memory access while building configuration pages
mailing-list
x_refsource_MLIST
[oss-security] 20160906 Re: CVE Request Qemu: scsi: mptsas: invalid memory access while building configuration pages
mailing-list
x_refsource_MLIST
[qemu-devel] 20160831 [PATCH 1/2] scsi: mptconfig: fix format string
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now