CVE-2016-9846

QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to a memory leakage issue. It could occur while updating the cursor data in update_cursor_data_virgl. A guest user/process could use this flaw to leak host memory bytes, resulting in DoS for a host.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.8.0:rc0:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.8.0:rc2:*:*:*:*:*:*

History

No history.

Information

Published : 2016-12-29 22:59

Updated : 2024-02-04 19:11


NVD link : CVE-2016-9846

Mitre link : CVE-2016-9846

CVE.ORG link : CVE-2016-9846


JSON object : View

Products Affected

qemu

  • qemu
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer