CVE-2016-9921 — Divide By Zero in Qemu
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 71.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 23
Latest updateMay 13
Description
Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0
Affected Packages4 packages
Also affects: Debian Linux 8.0
Patches
🔴Vulnerability Details
3GHSA▶
GHSA-5wpx-5h74-2wwx: Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue↗2022-05-13
OSV▶
CVE-2016-9921: Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue↗2016-12-23
CVEList▶
CVE-2016-9921: Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue↗2016-12-23
📋Vendor Advisories
3💬Community
3Bugzilla▶
CVE-2016-9921 CVE-2016-9922 qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy [fedora-all]↗2016-11-28
Bugzilla▶
CVE-2016-9921 CVE-2016-9922 xen: Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy [fedora-all]↗2016-11-28
Bugzilla▶
CVE-2016-9921 CVE-2016-9922 Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy↗2016-05-09