First published: Wed Jan 06 2016(Updated: )
Last updated 24 July 2024
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Openstack | =5.0 | |
Oracle Linux | =6 | |
Oracle Linux | =7 | |
QEMU qemu | <=2.3.0 | |
debian/qemu | 1:5.2+dfsg-11+deb11u3 1:5.2+dfsg-11+deb11u2 1:7.2+dfsg-7+deb12u7 1:9.2.0+ds-2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-1714 is a vulnerability in QEMU that allows guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service by triggering an out-of-bounds read or write access, leading to a process crash.
The severity of CVE-2016-1714 is high with a severity value of 7 (out of 10).
CVE-2016-1714 can cause a denial of service in QEMU due to out-of-bounds read or write access and process crashes.
The affected versions of QEMU include 1.0+, 2.0.0+dfsg-2ubuntu1.22, 1:2.3+dfsg-5ubuntu9.2, and later versions up to 1:3.1+dfsg-8+deb10u8, 1:3.1+dfsg-8+deb10u10, 1:5.2+dfsg-11+deb11u2, 1:7.2+dfsg-7+deb12u1, 1:8.1.0+ds-6, 1:8.1.1+ds-1.
Mitigating CVE-2016-1714 involves updating QEMU to a version that includes the fix for the vulnerability.