CVE-2016-1568

EUVD-2016-2663
Use-after-free vulnerability in hw/ide/ahci.c in QEMU, when built with IDE AHCI Emulation support, allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via an invalid AHCI Native Command Queuing (NCQ) AIO command.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
Affected Products (NVD)
VendorProductVersion
qemuqemu
𝑥
≤ 2.5.1.1
redhatopenstack
6.0
redhatopenstack
7.0
redhatopenstack
5.0
redhatvirtualization
3.0
debiandebian_linux
7.0
debiandebian_linux
8.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
qemu
bookworm
1:7.2+dfsg-7+deb12u7
fixed
bullseye
1:5.2+dfsg-11+deb11u3
fixed
bullseye (security)
1:5.2+dfsg-11+deb11u2
fixed
sid
1:9.1.1+ds-2
fixed
squeeze
not-affected
trixie
1:9.1.1+ds-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
qemu
precise
dne
trusty
Fixed 2.0.0+dfsg-2ubuntu1.22
released
vivid
ignored
wily
Fixed 1:2.3+dfsg-5ubuntu9.2
released
qemu-kvm
precise
Fixed 1.0+noroms-0ubuntu14.27
released
trusty
dne
vivid
dne
wily
dne
Common Weakness Enumeration
References
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=4ab0359a8ae182a7ac5c99609667273167703fab
http://rhn.redhat.com/errata/RHSA-2016-0084.html
http://rhn.redhat.com/errata/RHSA-2016-0086.html
http://rhn.redhat.com/errata/RHSA-2016-0087.html
http://rhn.redhat.com/errata/RHSA-2016-0088.html
http://www.debian.org/security/2016/dsa-3469
http://www.debian.org/security/2016/dsa-3470
http://www.debian.org/security/2016/dsa-3471
http://www.openwall.com/lists/oss-security/2016/01/09/1
http://www.openwall.com/lists/oss-security/2016/01/09/2
http://www.securityfocus.com/bid/80191
http://www.securitytracker.com/id/1034859
https://security.gentoo.org/glsa/201602-01
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=4ab0359a8ae182a7ac5c99609667273167703fab
http://rhn.redhat.com/errata/RHSA-2016-0084.html
http://rhn.redhat.com/errata/RHSA-2016-0086.html
http://rhn.redhat.com/errata/RHSA-2016-0087.html
http://rhn.redhat.com/errata/RHSA-2016-0088.html
http://www.debian.org/security/2016/dsa-3469
http://www.debian.org/security/2016/dsa-3470
http://www.debian.org/security/2016/dsa-3471
http://www.openwall.com/lists/oss-security/2016/01/09/1
http://www.openwall.com/lists/oss-security/2016/01/09/2
http://www.securityfocus.com/bid/80191
http://www.securitytracker.com/id/1034859
https://security.gentoo.org/glsa/201602-01