Use After Free in Qemu
CVE-2016-1568
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Qu…
Vulnerability class: Use-After-Free
EPSS: 0.003 (56.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Qemu
- Debian Debian_linux — versions 7.0, 8.0
- Redhat Enterprise_linux — versions 7.0
- Redhat Openstack — versions 6.0, 7.0, 5.0
- Redhat Virtualization — versions 3.0
- N/a — versions n/a
Weakness classification (CWE)
References
- RHSA-2016:0086 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- [oss-security] 20160109 Re: Qemu: ide: ahci use-after-free vulnerability in aio port commands (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
- 80191 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
- secalert@redhat.com (x_refsource_CONFIRM)
- 1034859 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
- DSA-3469 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
- DSA-3470 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
- RHSA-2016:0087 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- RHSA-2016:0084 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
- DSA-3471 (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
Frequently asked questions
- What is CVE-2016-1568?
- CVE-2016-1568 is a high-severity vulnerability in Qemu, classified under Use After Free. CVSS score: 8.8/10. Published 2016-04-12.
- How severe is CVE-2016-1568?
- High severity. CVSS v3 base score is 8.8 out of 10.