An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process.
Find out more about CVE-2016-1714 from the MITRE CVE dictionary dictionary and NIST NVD.
| Base Score | 4.9 |
|---|---|
| Base Metrics | AV:A/AC:M/Au:S/C:P/I:P/A:P |
| Access Vector | Adjacent Network |
| Access Complexity | Medium |
| Authentication | Single |
| Confidentiality Impact | Partial |
| Integrity Impact | Partial |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
| Platform | Errata | Release Date |
|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 (qemu-kvm-rhev) | RHSA-2016:0085 | 2016-01-28 |
| Red Hat Enterprise Linux 7 (qemu-kvm) | RHSA-2016:0083 | 2016-01-28 |
| Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 (qemu-kvm-rhev) | RHSA-2016:0087 | 2016-01-28 |
| RHEV Agents (vdsm) (qemu-kvm-rhev) | RHSA-2016:0081 | 2016-01-28 |
| Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 (qemu-kvm-rhev) | RHSA-2016:0086 | 2016-01-28 |
| RHEV Power Host (qemu-kvm-rhev) | RHSA-2016:0084 | 2016-01-28 |
| Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (qemu-kvm-rhev) | RHSA-2016:0084 | 2016-01-28 |
| Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 (qemu-kvm-rhev) | RHSA-2016:0088 | 2016-01-28 |
| Red Hat Enterprise Linux 6 (qemu-kvm) | RHSA-2016:0082 | 2016-01-28 |
| Platform | Package | State |
|---|---|---|
| Red Hat OpenStack Platform 8.0 (Liberty) | qemu-kvm-rhev | Affected |
| Red Hat Enterprise Linux 5 | xen | Not affected |
| Red Hat Enterprise Linux 5 | kvm | Fix deferred |
Vulmon