CVE-2016-6835

First published: Mon Aug 22 2016(Updated: )

Quick Emulator(Qemu) built with the VMWARE VMXNET3 NIC device support is vulnerable to an OOB access issue. In that it does not check if packet headers does not check for IP header length. It could lead to a OOB access when reading further packet data. A privileged user inside guest could use this issue to crash the Qemu process instance or potentially execute arbitrary code on the host, with privileges of the Qemu process. Upstream patch: --------------- -&gt; <a href="https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html">https://lists.gnu.org/archive/html/qemu-stable/2016-08/msg00077.html</a> Reference: ---------- -&gt; <a href="http://www.openwall.com/lists/oss-security/2016/08/18/4">http://www.openwall.com/lists/oss-security/2016/08/18/4</a>

Credit: secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/author
• agent/type
• agent/remedy
• agent/last-modified-date
• agent/softwarecombine
• agent/first-publish-date
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2016-6835
• agent/references
• agent/severity
• agent/tags
• agent/description
• agent/event
• collector/mitre-cve
• source/MITRE
• vendor/qemu
• canonical/qemu qemu
• vendor/redhat
• canonical/redhat virtualization
• version/redhat virtualization/4.0
• canonical/redhat enterprise linux
• version/redhat enterprise linux/7.0
• vendor/debian
• canonical/debian debian linux
• version/debian debian linux/8.0