CVE-2016-9845
medium
CVSS v3
6.5
CVSS v2
2.1
VIR risk
6.5
Description
QEMU (aka Quick Emulator) built with the Virtio GPU Device emulator support is vulnerable to an information leakage issue. It could occur while processing 'VIRTIO_GPU_CMD_GET_CAPSET_INFO' command. A guest user/process could use this flaw to leak contents of the host memory bytes.
Predictions
Exploit likelihood
65%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2016-9845
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2016-9845.html
Vendor advisory: secalert@redhat.com — https://lists.nongnu.org/archive/html/qemu-devel/2016-11/msg00019.html
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| sles | affected | | |
| debian | bookworm | fixed | 1:2.8+dfsg-1 |
| debian | bullseye | fixed | 1:2.8+dfsg-1 |
| debian | forky | fixed | 1:2.8+dfsg-1 |
| debian | sid | fixed | 1:2.8+dfsg-1 |
| debian | trixie | fixed | 1:2.8+dfsg-1 |
References
- http://www.openwall.com/lists/oss-security/2016/12/05/15
- http://www.openwall.com/lists/oss-security/2016/12/05/22
- http://www.securityfocus.com/bid/94763
- https://lists.nongnu.org/archive/html/qemu-devel/2016-11/msg00019.html
- https://security.gentoo.org/glsa/201701-49
- https://www.suse.com/security/cve/CVE-2016-9845.html
- https://security-tracker.debian.org/tracker/CVE-2016-9845
CWEs
CWE-200
Verify integrity in audit chain (admin only). AS-IS.