CVE

Id
92156  
CVE No.
CVE-2016-5337  
Status
Candidate  
Description
The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.  
Phase
Assigned (20160608)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
789475 92156 CVE-2016-5337 MLIST:[oss-security] 20160608 CVE Request Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info  View
789476 92156 CVE-2016-5337 URL:http://www.openwall.com/lists/oss-security/2016/06/08/3  View
789477 92156 CVE-2016-5337 MLIST:[oss-security] 20160608 Re: CVE Request Qemu: scsi: megasas: information leakage in megasas_ctrl_get_info  View
789478 92156 CVE-2016-5337 URL:http://www.openwall.com/lists/oss-security/2016/06/08/13  View
789479 92156 CVE-2016-5337 MLIST:[qemu-devel] 20160607 [PULL 06/13] scsi: megasas: null terminate bios version buffer  View
789480 92156 CVE-2016-5337 URL:https://lists.gnu.org/archive/html/qemu-devel/2016-06/msg01969.html  View
789481 92156 CVE-2016-5337 CONFIRM:http://git.qemu.org/?p=qemu.git;a=commit;h=844864fbae66935951529408831c2f22367a57b6  View
789482 92156 CVE-2016-5337 UBUNTU:USN-3047-1  View
789483 92156 CVE-2016-5337 URL:http://www.ubuntu.com/usn/USN-3047-1  View
789484 92156 CVE-2016-5337 UBUNTU:USN-3047-2  View
789485 92156 CVE-2016-5337 URL:http://www.ubuntu.com/usn/USN-3047-2  View
789486 92156 CVE-2016-5337 BID:91097  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
3675 JVNDB-2016-004448 Zmodo ZP-NE14-S および ZP-IBH13-W デバイスにおける任意のアクセスポイントとの接続を回避される脆弱性 Zmodo ZP-NE14-S および ZP-IBH13-W デバイスは、WPA2 構成の設定を適用しないため、任意のアクセスポイントとの接続を回避される脆弱性が存在します。 CVE-2016-5650 92156 5 7.5 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004448.html  View