Your submission was sent successfully! Close

CVE-2016-5403

Published: 2 August 2016

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

Notes

AuthorNote
mdeslaur 
the patch for this CVE introduced a regression and was later
reverted pending investigation. See LP: #1612089.
proposed regression fixes:
http://lists.nongnu.org/archive/html/qemu-devel/2016-08/msg01038.html
http://lists.nongnu.org/archive/html/qemu-devel/2016-08/msg02666.html
Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian 		precise Does not exist

trusty
Released (2.0.0+dfsg-2ubuntu1.30)
upstream Needs triage

wily Ignored
(reached end-of-life)
xenial
Released (1:2.5+dfsg-5ubuntu10.6)
yakkety
Released (1:2.6.1+dfsg-0ubuntu5.1)
Patches:
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=afd9096eb1882f23929f5b5c177898ed231bac66
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=bccdef6b1a204db0f41ffb6e24ce373e4d7890d4
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=58a83c61496eeb0d31571a07a51bc1947e3379ac
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=4b7f91ed0270a371e1933efa21ba600b6da23ab9
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=104e70cae78bd4afd95d948c6aff188f10508a9c
qemu-kvm
Launchpad, Ubuntu, Debian 		precise
Released (1.0+noroms-0ubuntu14.31)
trusty Does not exist

upstream Needs triage

wily Does not exist

xenial Does not exist

yakkety Does not exist

xen
Launchpad, Ubuntu, Debian 		precise
Released (4.1.6.1-0ubuntu0.12.04.12)
trusty Does not exist
(trusty was released [4.4.2-0ubuntu0.14.04.7])
upstream Needs triage

wily Ignored
(reached end-of-life)
xenial Not vulnerable
(uses system qemu)
yakkety Not vulnerable
(uses system qemu)
Binaries built from this source package are in Universe and so are supported by the community.

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading