Wind River Support Network

HomeDefectsLIN7-6780

Fixed

LIN7-6780 : Security Advisory - qemu - CVE-2016-4952

Created: Sep 11, 2016 Updated: Sep 8, 2018

Resolved Date: Oct 10, 2016

Found In Version: 7.0.0.19

Fix Version: 7.0.0.21

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

QEMU (aka Quick Emulator), when built with VMWARE PVSCSI paravirtual SCSI bus emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds array access) via vectors related to the (1) PVSCSI_CMD_SETUP_RINGS or (2) PVSCSI_CMD_SETUP_MSG_RING SCSI command.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4952

Other Downloads

Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-4952