What is CVE-2016-7422?

CVE-2016-7422 is a medium-severity vulnerability in Qemu, classified under Buffer Copy without Checking Size of Input (Classic Buffer Overflow). CVSS score: 6.0/10. Published 2016-12-10.

How severe is CVE-2016-7422?

Medium severity. CVSS v3 base score is 6.0 out of 10.

Buffer overflow in Qemu

CVE-2016-7422

The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via a large I/O descriptor buffer length…

Vulnerability class: Buffer Overflow

EPSS: 0.001 (26.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H.

Affected products

Qemu
Opensuse Leap — versions 42.2
Redhat Enterprise_linux — versions 7.0
Redhat Openstack — versions 6.0, 7.0, 8
Redhat Virtualization — versions 4.0
N/a — versions n/a

Weakness classification (CWE)

CWE-120 — Buffer Copy without Checking Size of Input (Classic Buffer Overflow)

References

secalert@redhat.com (x_refsource_CONFIRM)
[qemu-devel] 20160915 [PATCH] virtio: add check for descriptor's mapped address (mailing-list, x_refsource_MLIST, Patch, Third Party Advisory)
RHSA-2017:2392 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
openSUSE-SU-2016:3237 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
GLSA-201609-01 (vendor-advisory, Third Party Advisory, x_refsource_GENTOO)
92996 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
[oss-security] 20160916 Re: CVE request Qemu: virtio: null pointer dereference in virtqueu_map_desc (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
[oss-security] 20160916 CVE request Qemu: virtio: null pointer dereference in virtqueu_map_desc (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
RHSA-2017:2408 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)

Frequently asked questions

What is CVE-2016-7422?: CVE-2016-7422 is a medium-severity vulnerability in Qemu, classified under Buffer Copy without Checking Size of Input (Classic Buffer Overflow). CVSS score: 6.0/10. Published 2016-12-10.
How severe is CVE-2016-7422?: Medium severity. CVSS v3 base score is 6.0 out of 10.