Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C
Vendors Products
Redhat
  • Openstack
  • Enterprise Linux
  • Virtualization
Qemu
  • Qemu
Debian
  • Debian Linux

Configuration 1 [-]

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
References
Link Resource
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=4ab0359a8ae182a7ac5c99609667273167703fab
http://rhn.redhat.com/errata/RHSA-2016-0084.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0086.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0087.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0088.html Third Party Advisory
http://www.debian.org/security/2016/dsa-3469 Third Party Advisory
http://www.debian.org/security/2016/dsa-3470 Third Party Advisory
http://www.debian.org/security/2016/dsa-3471 Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/09/1 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/09/2 Mailing List Third Party Advisory
http://www.securityfocus.com/bid/80191 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034859 Third Party Advisory VDB Entry
https://security.gentoo.org/glsa/201602-01 Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2016-04-08T16:00:00

Updated: 2017-11-03T18:57:01

Reserved: 2016-01-09T00:00:00

Link: CVE-2016-1568

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2016-04-12T02:00:05.243

Modified: 2023-02-12T23:16:54.213

Link: CVE-2016-1568

JSON object: View

cve-icon Redhat Information

No data.

CWE