CVE-2016-8669

The serial_update_parameters function in hw/char/serial.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base.

Weakness

The product divides a value by zero.

Affected Software

Name	Vendor	Start Version	End Version
Qemu	Qemu	*	2.7.1 (including)
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat OpenStack Platform 10.0 (Newton)	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat OpenStack Platform 11.0 (Ocata)	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat OpenStack Platform 8.0 (Liberty)	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat OpenStack Platform 9.0 (Mitaka)	RedHat	qemu-kvm-rhev-10:2.9.0-10.el7	*
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7	RedHat	qemu-kvm-rhev-10:2.9.0-14.el7	*
Qemu	Ubuntu	trusty	*
Qemu	Ubuntu	xenial	*
Qemu	Ubuntu	yakkety	*
Qemu-kvm	Ubuntu	precise	*
Qemu-kvm	Ubuntu	precise/esm	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8669
CWE	https://cwe.mitre.org/data/definitions/369.html

Divide By Zero

Weakness

Affected Software

References