NVD

Id
22267  
Name
CVE-2016-9104  
Description
Multiple integer overflows in the (1) v9fs_xattr_read and (2) v9fs_xattr_write functions in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allow local guest OS administrators to cause a denial of service (QEMU process crash) via a crafted offset, which triggers an out-of-bounds access.  
Reject
 
CVSS Version
2  
CVSS Score
2.1  
Severity
Low  
CVSS Base Score
2.1  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2016-12-09  
Modified Date
2017-01-06  
Seq
2016-9104  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
118535 22267 CVE-2016-9104 openSUSE-SU-2016:3237  View
118536 22267 CVE-2016-9104 [oss-security] 20161028 CVE request Qemu: 9pfs: integer overflow leading to OOB access  View
118537 22267 CVE-2016-9104 [oss-security] 20161030 Re: CVE request Qemu: 9pfs: integer overflow leading to OOB access  View
118538 22267 CVE-2016-9104 93956  View
118539 22267 CVE-2016-9104 [qemu-devel] 20161013 Re: [PATCH v3 3/3] 9pfs: fix integer overflow issue in xattr read/write  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
5383 JVNDB-2016-006156 QEMU の hw/9pfs/9p.c の v9fs_xattr_read および v9fs_xattr_write 関数における整数オーバーフローの脆弱性 QEMU (別名 Quick Emulator) の hw/9pfs/9p.c の (1) v9fs_xattr_read および (2) v9fs_xattr_write 関数には、整数オーバーフローの脆弱性が存在します。 CVE-2016-9104 95611 CVE-2016-9104 22267 2.1 4.4 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-006156.html 2016-10-13 2016-12-13 View