Your submission was sent successfully! Close

CVE-2016-5403

Published: 2 August 2016

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

Notes

AuthorNote
mdeslaur
the patch for this CVE introduced a regression and was later
reverted pending investigation. See LP: #1612089.
proposed regression fixes:
http://lists.nongnu.org/archive/html/qemu-devel/2016-08/msg01038.html
http://lists.nongnu.org/archive/html/qemu-devel/2016-08/msg02666.html
Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
precise Does not exist

trusty
Released (2.0.0+dfsg-2ubuntu1.30)
upstream Needs triage

wily Ignored
(reached end-of-life)
xenial
Released (1:2.5+dfsg-5ubuntu10.6)
yakkety
Released (1:2.6.1+dfsg-0ubuntu5.1)
Patches:
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=afd9096eb1882f23929f5b5c177898ed231bac66
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=bccdef6b1a204db0f41ffb6e24ce373e4d7890d4
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=58a83c61496eeb0d31571a07a51bc1947e3379ac
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=4b7f91ed0270a371e1933efa21ba600b6da23ab9
upstream: http://git.qemu.org/?p=qemu.git;a=commit;h=104e70cae78bd4afd95d948c6aff188f10508a9c
qemu-kvm
Launchpad, Ubuntu, Debian
precise
Released (1.0+noroms-0ubuntu14.31)
trusty Does not exist

upstream Needs triage

wily Does not exist

xenial Does not exist

yakkety Does not exist

xen
Launchpad, Ubuntu, Debian
precise
Released (4.1.6.1-0ubuntu0.12.04.12)
trusty Does not exist
(trusty was released [4.4.2-0ubuntu0.14.04.7])
upstream Needs triage

wily Ignored
(reached end-of-life)
xenial Not vulnerable
(uses system qemu)
yakkety Not vulnerable
(uses system qemu)
Binaries built from this source package are in Universe and so are supported by the community.