exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

CVE-2016-5403

Status Candidate

Overview

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

Related Files

Ubuntu Security Notice USN-3125-1
Posted Nov 10, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3125-1 - Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-5403, CVE-2016-6833, CVE-2016-6834, CVE-2016-6835, CVE-2016-6836, CVE-2016-6888, CVE-2016-7116, CVE-2016-7155, CVE-2016-7156, CVE-2016-7157, CVE-2016-7161, CVE-2016-7170, CVE-2016-7421, CVE-2016-7422, CVE-2016-7423, CVE-2016-7466, CVE-2016-7908, CVE-2016-7909, CVE-2016-7994, CVE-2016-7995, CVE-2016-8576, CVE-2016-8577, CVE-2016-8578, CVE-2016-8668, CVE-2016-8909, CVE-2016-8910, CVE-2016-9101, CVE-2016-9102
SHA-256 | ebbb9dd99d4d4747c3700c5ee2ba26996c0c622e1a49ae4a8d2ca5b4b29fb07d
Red Hat Security Advisory 2016-1943-01
Posted Sep 28, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1943-01 - KVM is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc. Security Fix: An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions support performed read/write operations using I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process.

tags | advisory, arbitrary, x86
systems | linux, redhat, windows
advisories | CVE-2016-3710, CVE-2016-5403
SHA-256 | 19acd910684295a9f3feaeb5760ea7ded99a3951cfa1694f184ff09abb1386b2
Red Hat Security Advisory 2016-1763-01
Posted Aug 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1763-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap-based buffer overflow issue. The flaw could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside a guest could exploit this flaw to crash the QEMU process resulting in denial of service, or potentially leverage it to execute arbitrary code with QEMU-process privileges on the host.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | b936c597f2b38222b536ed0b72d6892520736086fdf90ec2bb052711f97d3675
Red Hat Security Advisory 2016-1756-01
Posted Aug 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1756-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap-based buffer overflow issue. The flaw could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside a guest could exploit this flaw to crash the QEMU process resulting in denial of service, or potentially leverage it to execute arbitrary code with QEMU-process privileges on the host.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | ee2a907a02311463c8bfdc49dca292045a8a802656502a0b7229331d7c4a4137
Red Hat Security Advisory 2016-1655-01
Posted Aug 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1655-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap buffer overflow issue. It could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside guest could use this flaw to crash the Qemu process resulting in DoS or potentially leverage it to execute arbitrary code with privileges of the Qemu process on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | 4aef31c589e9eb632262467a2391d662c3f9b8731a9caabe096c9d84b5c43a8b
Red Hat Security Advisory 2016-1654-01
Posted Aug 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1654-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap buffer overflow issue. It could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside guest could use this flaw to crash the Qemu process resulting in DoS or potentially leverage it to execute arbitrary code with privileges of the Qemu process on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | be57c89124c98f2cea8b05cd613985cbc6e73e7db5d4fb67260fd412e521dc99
Red Hat Security Advisory 2016-1652-01
Posted Aug 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1652-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick emulator built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement and therefore causes unbounded memory allocation on the host controlled by the guest.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-5403
SHA-256 | 539a4dbb0d044fdb2e69eddaa74656352db4a87fa6718104e121060c02136047
Red Hat Security Advisory 2016-1653-01
Posted Aug 23, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1653-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap buffer overflow issue. It could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside guest could use this flaw to crash the Qemu process resulting in DoS or potentially leverage it to execute arbitrary code with privileges of the Qemu process on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | 784b309832846f10d29d70069df5da9ac9c80c535442ac182995d7d0b236dbb3
Ubuntu Security Notice USN-3047-2
Posted Aug 12, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3047-2 - USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. Various other issues were addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-4952, CVE-2016-5107, CVE-2016-5126, CVE-2016-5337, CVE-2016-5403
SHA-256 | 6cde5cb99c15b597456c232a84fe2c4a2d7a2394f9e433c09f015f5e373d1fc2
Red Hat Security Advisory 2016-1607-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1607-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap buffer overflow issue. It could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside guest could use this flaw to crash the Qemu process resulting in DoS or potentially leverage it to execute arbitrary code with privileges of the Qemu process on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | d67f5e6e01f8d9341a59fcc3055fec2ec69675435c8bc04cff2c9ee1c9bd3355
Red Hat Security Advisory 2016-1606-01
Posted Aug 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1606-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap buffer overflow issue. It could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside guest could use this flaw to crash the Qemu process resulting in DoS or potentially leverage it to execute arbitrary code with privileges of the Qemu process on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | 55b580f3cc8e781eb560abc0504ebbb683e94803d14225a9ae6fea8a2aec4eff
Red Hat Security Advisory 2016-1586-01
Posted Aug 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1586-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick emulator built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement and therefore causes unbounded memory allocation on the host controlled by the guest.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-5403
SHA-256 | 4c1d1bc40e1e6367d724a8cda0f1bfc794595fdf5ac299d28294505a3b85e0e3
Red Hat Security Advisory 2016-1585-01
Posted Aug 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1585-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: Quick emulator built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement and therefore causes unbounded memory allocation on the host controlled by the guest.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-5403
SHA-256 | a9d0e3ffdd3d3da840f2c103a322b0f6f9596d929626d1f1a99fbffe30c5cd59
Ubuntu Security Notice USN-3047-1
Posted Aug 5, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3047-1 - Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use th is issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-4439, CVE-2016-4441, CVE-2016-4453, CVE-2016-4454, CVE-2016-4952, CVE-2016-5105, CVE-2016-5106, CVE-2016-5107, CVE-2016-5126, CVE-2016-5238, CVE-2016-5337, CVE-2016-5338, CVE-2016-5403, CVE-2016-6351
SHA-256 | bcefab0e4c0425ce4a72b7328693b95ea5ed7a47800b8d6f73f293a7b21d1431
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close