Wind River Support Network

HomeDefectsLIN7-6474

Fixed

LIN7-6474 : Security Advisory - qemu - CVE-2016-5238

Created: Jun 29, 2016 Updated: Sep 8, 2018

Resolved Date: Jul 10, 2016

Found In Version: 7.0.0.16

Fix Version: 7.0.0.18

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5238

Other Downloads

Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-5238