Skip to main content
CVE-2016-5337 MEDIUM PATCH This Month

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2016-5238 MEDIUM PATCH This Month

The get_cmd function in hw/scsi/esp.c in QEMU might allow local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Denial Of Service Memory Corruption Buffer Overflow Qemu Ubuntu Linux +1
NVD
CVSS 3.1
4.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy