Wind River Support Network


LIN5-21205 : Security Advisory - qemu - CVE-2016-1568

Created: Feb 19, 2016    Updated: May 29, 2018
Resolved Date: Mar 6, 2016
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace


A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing (NCQ) AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

Other Downloads

Live chat