Lucene search
PRIOn knowledge basePRION:CVE-2016-4454HistoryJun 01, 2016 - 10:59 p.m.
Out-of-bounds
2016-06-0122:59:00
PRIOn knowledge base
www.prio-n.com
9
The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 12.04 | |
| ubuntu_linux | eq | 16.04 | |
| ubuntu_linux | eq | 14.04 | |
| debian_linux | eq | 8.0 | |
| qemu | le | 2.6.0 |
References
www.openwall.com/lists/oss-security/2016/05/30/3
www.securityfocus.com/bid/90927
www.ubuntu.com/usn/USN-3047-1
www.ubuntu.com/usn/USN-3047-2
bugzilla.redhat.com/show_bug.cgi?id=1336429
lists.debian.org/debian-lts-announce/2018/11/msg00038.html
lists.gnu.org/archive/html/qemu-devel/2016-05/msg05271.html
security.gentoo.org/glsa/201609-01
Related
cve
cve
CVE-2016-4454
2016-06-01 22:59:04
nvd
nvd
CVE-2016-4454
2016-06-01 22:59:04
cvelist
cvelist
CVE-2016-4454
2016-06-01 22:00:00
redhatcve
redhatcve
CVE-2016-4454
2016-05-30 08:48:27
ubuntucve
ubuntucve
CVE-2016-4454
2016-06-01 00:00:00
debiancve
debiancve
CVE-2016-4454
2016-06-01 22:59:04
openvas
openvas
Fedora Update for xen FEDORA-2016-389be30b95
2016-06-19 00:00:00
Fedora Update for xen FEDORA-2016-103752d2a9
2016-06-18 00:00:00
Fedora Update for qemu FEDORA-2016-ea3002b577
2016-07-10 00:00:00
nessus
nessus
Fedora 24 : xen (2016-389be30b95)
2016-07-14 00:00:00
Fedora 23 : xen (2016-103752d2a9)
2016-07-14 00:00:00
Fedora 22 : 2:qemu (2016-ea3002b577)
2016-07-15 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: xen-4.6.1-11.fc24
2016-06-18 19:34:42
[SECURITY] Fedora 23 Update: xen-4.5.3-8.fc23
2016-06-17 16:02:42
[SECURITY] Fedora 23 Update: qemu-2.4.1-11.fc23
2016-07-02 19:35:10
ubuntu
ubuntu
QEMU vulnerabilities
2016-08-04 00:00:00
QEMU regression
2016-08-12 00:00:00
suse
suse
Security update for qemu (important)
2016-10-21 19:08:51
Security update for qemu (important)
2016-10-26 14:11:23
Security update for xen (important)
2016-11-04 15:11:21
gentoo
gentoo
QEMU: Multiple vulnerabilities
2016-09-25 00:00:00
osv
osv
qemu - security update
2018-11-29 00:00:00
debian
debian
[SECURITY] [DLA 1599-1] qemu security update
2018-11-30 14:28:32