CVE-2016-4002

Loading...

General

Score:6.8/10.0
Severity:Medium
Category:Buffer Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2014-3615, CVE-2014-3672, CVE-2014-3689, CVE-2014-9718, CVE-2015-3214, CVE-2015-5239, CVE-2015-5278, CVE-2015-5279, CVE-2015-5745, CVE-2015-6855, CVE-2015-7295, CVE-2015-7549, CVE-2015-8504, CVE-2015-8558, CVE-2015-8567, CVE-2015-8568, CVE-2015-8613, CVE-2015-8619, CVE-2015-8743, CVE-2015-8744, CVE-2015-8745, CVE-2015-8817, CVE-2015-8818, CVE-2016-1568, CVE-2016-1714, CVE-2016-1922, CVE-2016-1981, CVE-2016-2197, CVE-2016-2198, CVE-2016-2391, CVE-2016-2392, CVE-2016-2538, CVE-2016-2841, CVE-2016-2857, CVE-2016-2858, CVE-2016-3158, CVE-2016-3159, CVE-2016-3710, CVE-2016-3712, CVE-2016-3960, CVE-2016-4001, CVE-2016-4020, CVE-2016-4037, CVE-2016-4439, CVE-2016-4441, CVE-2016-4453, CVE-2016-4454, CVE-2016-4480, CVE-2016-4952, CVE-2016-4962, CVE-2016-4963, CVE-2016-5105, CVE-2016-5106, CVE-2016-5107, CVE-2016-5126, CVE-2016-5238, CVE-2016-5337, CVE-2016-5338, CVE-2016-5403, CVE-2016-6258, CVE-2016-6259, CVE-2016-6351, CVE-2016-6833, CVE-2016-6834, CVE-2016-6835, CVE-2016-6836, CVE-2016-6888, CVE-2016-7092, CVE-2016-7093, CVE-2016-7094, CVE-2016-7116, CVE-2016-7154, CVE-2016-7155, CVE-2016-7156, CVE-2016-7161, CVE-2016-7170, CVE-2016-7421, CVE-2016-7908, CVE-2016-7909, CVE-2016-8577, CVE-2016-8578, CVE-2016-8909, CVE-2016-8910, CVE-2016-9101, CVE-2016-9102, CVE-2016-9103, CVE-2016-9104, CVE-2016-9105, CVE-2016-9106, CVE-2017-10664, CVE-2018-10839, CVE-2018-17962, CVE-2018-17963

Published on 26/04/16 - Updated on 01/12/18

Description

Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2016-4002
Debian LTSDLA-1599-1
SUSE SUSE-SU-2016:1560, SUSE-SU-2016:1698, SUSE-SU-2016:1703, SUSE-SU-2016:1785, SUSE-SU-2016:2093, SUSE-SU-2016:2100, SUSE-SU-2016:2528, SUSE-SU-2016:2533, SUSE-SU-2016:2725
Ubuntu USN-2974-1

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
canonicalubuntu_linux
fedoraprojectfedora
qemuqemu

Share this vulnerability with:

Twitter Facebook LinkedIn Mail