Wind River Support Network

HomeDefectsLIN7-6413

Fixed

LIN7-6413 : Security Advisory - qemu - CVE-2016-4454

Created: Jun 13, 2016 Updated: Sep 8, 2018

Resolved Date: Jun 16, 2016

Found In Version: 7.0.0.16

Fix Version: 7.0.0.17

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4454

Other Downloads

Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-4454