CVE Vulnerabilities

CVE-2016-2198

NULL Pointer Dereference

Published: Dec 29, 2016 | Modified: Nov 10, 2020
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
2.3 LOW
AV:A/AC:M/Au:S/C:N/I:N/A:P
RedHat/V3
Ubuntu
LOW

QEMU (aka Quick Emulator) built with the USB EHCI emulation support is vulnerable to a null pointer dereference flaw. It could occur when an application attempts to write to EHCI capabilities registers. A privileged user inside quest could use this flaw to crash the QEMU process instance resulting in DoS.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Qemu Qemu * 2.5.1.1 (including)
Qemu Qemu 2.6.0-rc0 (including) 2.6.0-rc0 (including)
Qemu Qemu 2.6.0-rc1 (including) 2.6.0-rc1 (including)
Qemu Qemu 2.6.0-rc2 (including) 2.6.0-rc2 (including)
Qemu Qemu 2.6.0-rc3 (including) 2.6.0-rc3 (including)
Qemu Qemu 2.6.0-rc4 (including) 2.6.0-rc4 (including)
Qemu Ubuntu devel *
Qemu Ubuntu trusty *
Qemu Ubuntu upstream *
Qemu Ubuntu vivid *
Qemu Ubuntu wily *

Potential Mitigations

References