CVE-2016-7422Classic Buffer Overflow in Qemu

CWE-120Classic Buffer OverflowCWE-476NULL Pointer Dereference10 documents8 sources
Severity
6.0MEDIUMNVD
EPSS
0.1%
top 73.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
QemuOpensuse LeapRedhat Openstack+1 more
Timeline
PublishedDec 10
Latest updateMay 13

Description

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length value.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.5 | Impact: 4.0

Affected Packages5 packages

Debianqemu/qemu< 1:2.7+dfsg-1+3
NVDqemu/qemu2.7.1
NVDopensuse/leap42.2
NVDredhat/openstack6 versions+5

Patches

Patch: lists.gnu.orgPatch: lists.gnu.org

🔴Vulnerability Details

4
GHSA
GHSA-fp4p-m87h-5fx8: The virtqueue_map_desc function in hw/virtio/virtio2022-05-13
CVEList
CVE-2016-7422: The virtqueue_map_desc function in hw/virtio/virtio2016-12-10
OSV
CVE-2016-7422: The virtqueue_map_desc function in hw/virtio/virtio2016-12-10
OSV
perl vulnerabilities2016-03-02

📋Vendor Advisories

3
Ubuntu
QEMU vulnerabilities2016-11-09
Red Hat
Qemu: virtio: null pointer dereference in virtqueu_map_desc2016-09-15
Debian
CVE-2016-7422: qemu - The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulato...2016

💬Community

2
Bugzilla
CVE-2016-7422 Qemu: virtio: null pointer dereference in virtqueu_map_desc2016-09-16
Bugzilla
CVE-2016-7422 Qemu: virtio: null pointer dereference in virtqueu_map_desc [fedora-all]2016-09-16
CVE-2016-7422 — Classic Buffer Overflow in Qemu | cvebase