CVE-2016-2197 — NULL Pointer Dereference in Qemu

CWE-476 — NULL Pointer Dereference9 documents7 sources

Severity

5.5MEDIUMNVD

OSV6.0

EPSS

0.1%

top 70.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Qemu Debian Qemu

Timeline

PublishedDec 29

Latest updateMay 13

Description

QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure (FIS) and Command List Block (CLB) entries. A privileged user inside guest could use this flaw to crash the QEMU process instance resulting in DoS.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/qemu< qemu 1:2.6+dfsg-1 (bookworm)

▶Debianqemu/qemu< 1:2.6+dfsg-1+3

▶Ubuntuqemu/qemu< 2.0.0+dfsg-2ubuntu1.22

▶NVDqemu/qemu2.5.1.1

Patches

Patch: lists.gnu.org ↗Patch: lists.gnu.org ↗

🔴Vulnerability Details

GHSA

GHSA-ph2m-74p3-x4w9: QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw↗2022-05-13

▶

OSV

CVE-2016-2197: QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw↗2016-12-29

▶

OSV

qemu, qemu-kvm vulnerabilities↗2016-02-03

▶

📋Vendor Advisories

Ubuntu

QEMU vulnerabilities↗2016-02-03

▶

Red Hat

Qemu: ide: ahci null pointer dereference when using FIS CLB engines↗2016-01-28

▶

Debian

CVE-2016-2197: qemu - QEMU (aka Quick Emulator) built with an IDE AHCI emulation support is vulnerable...↗2016

▶

💬Community

Bugzilla

CVE-2016-2197 qemu: Null pointer dereference in ahci [fedora-all]↗2016-01-29

▶

Bugzilla

CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines↗2016-01-26

▶