Wind River Support Network


LIN6-10911 : Security Advisory - qemu - CVE-2016-1568

Created: Feb 19, 2016    Updated: Dec 3, 2018
Resolved Date: Mar 4, 2016
Found In Version: 6.0
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace


A use-after-free flaw was found in the way QEMU's IDE AHCI emulator processed certain AHCI Native Command Queuing (NCQ) AIO commands. A privileged guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.

Other Downloads

Live chat