[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2016-2857Date: (C)2016-04-28   (M)2023-12-22


The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 8.4CVSS Score : 3.6
Exploit Score: 2.0Exploit Score: 3.9
Impact Score: 5.8Impact Score: 4.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: LOWAuthentication: NONE
User Interaction: NONEConfidentiality: PARTIAL
Scope: CHANGEDIntegrity: NONE
Confidentiality: HIGHAvailability: PARTIAL
Integrity: NONE 
Availability: HIGH 
  
Reference:
BID-84130
RHSA-2016:2670
RHSA-2016:2671
RHSA-2016:2704
RHSA-2016:2705
RHSA-2016:2706
RHSA-2017:0083
RHSA-2017:0309
RHSA-2017:0334
RHSA-2017:0344
RHSA-2017:0350
USN-2974-1
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
http://www.openwall.com/lists/oss-security/2016/03/03/9
http://www.openwall.com/lists/oss-security/2016/03/07/3
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=362786f14a753d8a5256ef97d7c10ed576d6572b

CWE    1
CWE-119
OVAL    16
oval:org.secpod.oval:def:110368
oval:org.secpod.oval:def:110338
oval:org.secpod.oval:def:204081
oval:org.secpod.oval:def:110318
...

© SecPod Technologies