Wind River Support Network

HomeDefectsLIN7-7141

Fixed

LIN7-7141 : Security Advisory - qemu - CVE-2016-6836

Created: Dec 15, 2016 Updated: Sep 8, 2018

Resolved Date: Jan 18, 2017

Found In Version: 7.0.0.21

Fix Version: 7.0.0.23

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The vmxnet3_complete_packet function in hw/net/vmxnet3.c in QEMU (aka Quick Emulator) allows local guest OS administrators to obtain sensitive host memory information by leveraging failure to initialize the txcq_descr object.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6836

Other Downloads

Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-6836