CVE-2016-7423

Priority
Description
The mptsas_process_scsi_io_request function in QEMU (aka Quick Emulator),
when built with LSI SAS1068 Host Bus emulation support, allows local guest
OS administrators to cause a denial of service (out-of-bounds write and
QEMU process crash) via vectors involving MPTSASRequest objects.
Package
Upstream:not-affected
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needed
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed2918b3861d9216f2c0540d9e9ae0d5
More Information

Updated: 2018-10-22 14:11:43 UTC (commit 03ef231d584286304e54ae60f0de485bd42f2da8)