Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.4
CVSSv3

CVE-2016-7156

Published: 10/12/2016 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 4.4 | Impact Score: 3.6 | Exploitability Score: 0.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Qemu

Vulnerability Summary

The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qemu qemu

debian debian linux 8.0

Vendor Advisories

Ubuntu Security Notice: qemu, qemu-kvm vulnerabilities
Several security issues were fixed in QEMU ...
Red Hat: CVE-2016-7156
The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsic in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-8577: 9pfs: host memory leakage in v9fs_read
Debian Bug report logs - #840341 qemu: CVE-2016-8577: 9pfs: host memory leakage in v9fs_read Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Oct 2016 18:33:02 UTC Severity: normal Tags: patch, ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-6351: scsi: esp: oob write access while reading ESP command
Debian Bug report logs - #832621 qemu: CVE-2016-6351: scsi: esp: oob write access while reading ESP command Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 27 Jul 2016 16:03:02 UTC Severity: impor ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-6836: Information leak in vmxnet3_complete_packet
Debian Bug report logs - #834944 qemu: CVE-2016-6836: Information leak in vmxnet3_complete_packet Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 20 Aug 2016 20:00:01 UTC Severity: normal Tags: pe ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7155: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings
Debian Bug report logs - #837174 qemu: CVE-2016-7155: scsi: pvscsi: OOB read and infinite loop while setting descriptor rings Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 9 Sep 2016 18:36:02 UT ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-6834: infinite loop during packet fragmentation
Debian Bug report logs - #834905 qemu: CVE-2016-6834: infinite loop during packet fragmentation Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 20 Aug 2016 13:57:02 UTC Severity: normal Tags: pend ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-6490: virtio: infinite loop in virtqueue_pop
Debian Bug report logs - #832767 qemu: CVE-2016-6490: virtio: infinite loop in virtqueue_pop Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 28 Jul 2016 16:33:02 UTC Severity: important Tags: pend ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-6888
Debian Bug report logs - #834902 qemu: CVE-2016-6888 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 20 Aug 2016 13:33:05 UTC Severity: normal Tags: pending, security, upstream Found in version q ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-8578
Debian Bug report logs - #840340 qemu: CVE-2016-8578 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Oct 2016 18:30:02 UTC Severity: normal Tags: patch, security, upstream Found in version qem ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9908: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset
Debian Bug report logs - #847400 qemu: CVE-2016-9908: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 7 Dec 2016 20:57:04 UTC S ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-8669: char: divide by zero error in serial_update_parameters
Debian Bug report logs - #840945 qemu: CVE-2016-8669: char: divide by zero error in serial_update_parameters Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 16 Oct 2016 11:57:01 UTC Severity: norm ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9846: display: virtio-gpu: memory leakage while updating cursor
Debian Bug report logs - #847382 qemu: CVE-2016-9846: display: virtio-gpu: memory leakage while updating cursor Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 7 Dec 2016 18:30:04 UTC Severity: i ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916
Debian Bug report logs - #847496 qemu: CVE-2016-9913 CVE-2016-9914 CVE-2016-9915 CVE-2016-9916 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 8 Dec 2016 19:15:02 UTC Severity: important Tags: pa ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9776: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive
Debian Bug report logs - #846797 qemu: CVE-2016-9776: net: mcf_fec: infinite loop while receiving data in mcf_fec_receive Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 3 Dec 2016 12:48:01 UTC S ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7161
Debian Bug report logs - #838850 qemu: CVE-2016-7161 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 25 Sep 2016 18:27:02 UTC Severity: important Tags: patch, security, upstream Found in versions ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-5403: virtio: unbounded memory allocation on host via guest leading to DoS
Debian Bug report logs - #832619 qemu: CVE-2016-5403: virtio: unbounded memory allocation on host via guest leading to DoS Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 27 Jul 2016 15:21:07 UTC ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7170: vmware_vga: OOB stack memory access when processing svga command
Debian Bug report logs - #837316 qemu: CVE-2016-7170: vmware_vga: OOB stack memory access when processing svga command Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 10 Sep 2016 13:21:01 UTC Seve ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7422: virtio: null pointer dereference in virtqueue_map_desc
Debian Bug report logs - #838146 qemu: CVE-2016-7422: virtio: null pointer dereference in virtqueue_map_desc Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 17 Sep 2016 17:57:13 UTC Severity: impo ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-6835: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation
Debian Bug report logs - #835031 qemu: CVE-2016-6835: buffer overflow in vmxnet_tx_pkt_parse_headers() in vmxnet3 device emulation Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 21 Aug 2016 14:15: ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9845: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info
Debian Bug report logs - #847381 qemu: CVE-2016-9845: display: virtio-gpu-3d: information leakage in virgl_cmd_get_capset_info Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 7 Dec 2016 18:30:01 U ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9923: char: use after free issue in char backend
Debian Bug report logs - #847957 qemu: CVE-2016-9923: char: use after free issue in char backend Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 12 Dec 2016 15:57:02 UTC Severity: important Tags: ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7116: 9p: directory traversal flaw in 9p virtio backend
Debian Bug report logs - #836502 qemu: CVE-2016-7116: 9p: directory traversal flaw in 9p virtio backend Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 3 Sep 2016 14:21:02 UTC Severity: normal Ta ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7157: mptsas: invalid memory access while building configuration pages
Debian Bug report logs - #837603 qemu: CVE-2016-7157: mptsas: invalid memory access while building configuration pages Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 12 Sep 2016 19:18:19 UTC Seve ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7909: net: pcnet: infinite loop in pcnet_rdra_addr
Debian Bug report logs - #839834 qemu: CVE-2016-7909: net: pcnet: infinite loop in pcnet_rdra_addr Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 5 Oct 2016 15:15:02 UTC Severity: normal Tags: s ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx
Debian Bug report logs - #839835 qemu: CVE-2016-7908: net: Infinite loop in mcf_fec_do_tx Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 5 Oct 2016 15:33:01 UTC Severity: normal Tags: security, ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-8910: net: rtl8139: infinite loop while transmit in C+ mode
Debian Bug report logs - #841955 qemu: CVE-2016-8910: net: rtl8139: infinite loop while transmit in C+ mode Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 24 Oct 2016 19:45:04 UTC Severity: norma ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer
Debian Bug report logs - #847951 qemu: CVE-2016-9911: usb: ehci: memory leakage in ehci_init_transfer Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 12 Dec 2016 15:27:07 UTC Severity: important T ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-8909: audio: intel-hda: infinite loop in processing dma buffer stream
Debian Bug report logs - #841950 qemu: CVE-2016-8909: audio: intel-hda: infinite loop in processing dma buffer stream Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 24 Oct 2016 18:57:01 UTC Sever ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9921 CVE-2016-9922
Debian Bug report logs - #847960 qemu: CVE-2016-9921 CVE-2016-9922 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 12 Dec 2016 16:09:01 UTC Severity: important Tags: patch, security, upstream Fou ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7156: scsi: pvscsi: infintie loop when building SG list
Debian Bug report logs - #837339 qemu: CVE-2016-7156: scsi: pvscsi: infintie loop when building SG list Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 10 Sep 2016 18:12:01 UTC Severity: normal Ta ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-6833: net: vmxnet3: use after free while writing
Debian Bug report logs - #834904 qemu: CVE-2016-6833: net: vmxnet3: use after free while writing Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 20 Aug 2016 13:45:06 UTC Severity: important Tags: ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9907: usb: redirector: memory leakage when destroying redirector
Debian Bug report logs - #847953 qemu: CVE-2016-9907: usb: redirector: memory leakage when destroying redirector Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 12 Dec 2016 15:39:02 UTC Severity: ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7995: usb: hcd-ehci: memory leak in ehci_process_itd
Debian Bug report logs - #840236 qemu: CVE-2016-7995: usb: hcd-ehci: memory leak in ehci_process_itd Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 9 Oct 2016 19:33:01 UTC Severity: normal Tags: ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-8576: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch
Debian Bug report logs - #840343 qemu: CVE-2016-8576: usb: xHCI: infinite loop vulnerability in xhci_ring_fetch Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Oct 2016 18:39:01 UTC Severity: n ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7421: scsi: pvscsi: infinite loop when processing IO requests
Debian Bug report logs - #838147 qemu: CVE-2016-7421: scsi: pvscsi: infinite loop when processing IO requests Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 17 Sep 2016 18:00:01 UTC Severity: nor ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7994: virtio-gpu: memory leak in virtio_gpu_resource_create_2d
Debian Bug report logs - #840228 qemu: CVE-2016-7994: virtio-gpu: memory leak in virtio_gpu_resource_create_2d Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 9 Oct 2016 18:12:01 UTC Severity: no ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-8668: net: OOB buffer access in rocker switch emulation
Debian Bug report logs - #840948 qemu: CVE-2016-8668: net: OOB buffer access in rocker switch emulation Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 16 Oct 2016 12:12:04 UTC Severity: normal Ta ...
Debian CVElist Bug Report Logs: qemu: Various 9ps security issues (CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106)
Debian Bug report logs - #842463 qemu: Various 9ps security issues (CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106) Package: qemu; Maintainer for qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Source for qemu is src:qemu (PTS, buildd, popcon) Reported by: Guido Günther <agx@sigx ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-7423: scsi: mptsas: OOB access when freeing MPTSASRequest object
Debian Bug report logs - #838145 qemu: CVE-2016-7423: scsi: mptsas: OOB access when freeing MPTSASRequest object Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 17 Sep 2016 17:57:09 UTC Severity: ...
Debian CVElist Bug Report Logs: qemu: CVE-2016-9912: display: virtio-gpu: memory leakage when destroying gpu resource
Debian Bug report logs - #847391 qemu: CVE-2016-9912: display: virtio-gpu: memory leakage when destroying gpu resource Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 7 Dec 2016 19:30:01 UTC Seve ...

References

CWE-704http://www.openwall.com/lists/oss-security/2016/09/07/2http://www.openwall.com/lists/oss-security/2016/09/06/3http://www.securityfocus.com/bid/92774https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg01246.htmlhttps://lists.gnu.org/archive/html/qemu-devel/2016-09/msg00772.htmlhttps://security.gentoo.org/glsa/201609-01https://lists.debian.org/debian-lts-announce/2018/11/msg00038.htmlhttp://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=49adc5d3f8c6bb75e55ebfeab109c5c37dea65e8https://usn.ubuntu.com/3125-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injectionCVE-2024-35894SQLCVE-2024-5105CVE-2014-100005CVE-2024-35895unauthorizedCVE-2024-22120CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook