[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2016-0176":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":50,"duplicates":51,"related":52,"reserved_at":9,"published_at":71,"modified_at":72,"state":9,"summary":73,"references_raw":75,"kevs":116,"epss":9,"epss_history":117,"metrics":118,"affected":119},"MGASA-2016-0176","Updated qemu packages fix security vulnerabilities\n\nUpdated qemu packages fix security vulnerabilities:\n\nAn out-of-bounds flaw was found in the QEMU emulator built using\n'address_space_translate' to map an address to a MemoryRegionSection. The\nflaw could occur while doing pci_dma_read/write calls, resulting in an\nout-of-bounds read-write access error. A privileged user inside a guest could\nuse this flaw to crash the guest instance (denial of service) (CVE-2015-8817,\nCVE-2015-8818).\n\nA NULL-pointer dereference flaw was found in the QEMU emulator built with TPR\noptimization for 32-bit Windows guests support. The flaw occurs when doing\nI/O-port write operations from the HMP interface. The 'current_cpu' value\nremains null because it is not called from the cpu_exec() loop, and\ndereferencing it results in the flaw. An attacker with access to the HMP\ninterface could use this flaw to crash the QEMU instance (denial of service)\n(CVE-2016-1922).\n\nIt was discovered that QEMU incorrectly handled the e1000 device. An\nattacker inside the guest could use this issue to cause QEMU to crash,\nresulting in a denial of service (CVE-2016-1981).\n\nZuozhi Fzz discovered that QEMU incorrectly handled IDE AHCI emulation. An\nattacker inside the guest could use this issue to cause QEMU to crash,\nresulting in a denial of service (CVE-2016-2197).\n\nZuozhi Fzz discovered that QEMU incorrectly handled USB EHCI emulation. An\nattacker inside the guest could use this issue to cause QEMU to crash,\nresulting in a denial of service (CVE-2016-2198).\n\nZuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation\nsupport. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service (CVE-2016-2391).\n\nQinghao Tang discovered that QEMU incorrectly handled USB Net emulation\nsupport. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service (CVE-2016-2392).\n\nQinghao Tang discovered that QEMU incorrectly handled USB Net emulation\nsupport. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service, or possibly leak\nhost memory bytes (CVE-2016-2538).\n\nHongke Yang discovered that QEMU incorrectly handled NE2000 emulation\nsupport. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service (CVE-2016-2841).\n\nLing Liu discovered that QEMU incorrectly handled IP checksum routines. An\nattacker inside the guest could use this issue to cause QEMU to crash,\nresulting in a denial of service, or possibly leak host memory bytes\n(CVE-2016-2857).\n\nIt was discovered that QEMU incorrectly handled the PRNG back-end support.\nAn attacker inside the guest could use this issue to cause QEMU to crash,\nresulting in a denial of service (CVE-2016-2858).\n\nWei Xiao and Qinghao Tang discovered that QEMU incorrectly handled access\nin the VGA module. A privileged attacker inside the guest could use this\nissue to cause QEMU to crash, resulting in a denial of service, or possibly\nexecute arbitrary code on the host. In the default installation, when QEMU\nis used with libvirt, attackers would be isolated by the libvirt AppArmor\nprofile (CVE-2016-3710).\n\nZuozhi Fzz discovered that QEMU incorrectly handled access in the VGA\nmodule. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service, or possibly\nexecute arbitrary code on the host. In the default installation, when QEMU\nis used with libvirt, attackers would be isolated by the libvirt AppArmor\nprofile (CVE-2016-3712).\n\nOleksandr Bazhaniuk discovered that QEMU incorrectly handled Luminary\nMicro Stellaris ethernet controller emulation. A remote attacker could use\nthis issue to cause QEMU to crash, resulting in a denial of service\n(CVE-2016-4001).\n\nOleksandr Bazhaniuk discovered that QEMU incorrectly handled MIPSnet\ncontroller emulation. A remote attacker could use this issue to cause QEMU\nto crash, resulting in a denial of service (CVE-2016-4002).\n\nDonghai Zdh discovered that QEMU incorrectly handled the Task Priority\nRegister(TPR). A privileged attacker inside the guest could use this issue\nto possibly leak host memory bytes (CVE-2016-4020).\n\nDu Shaobo discovered that QEMU incorrectly handled USB EHCI emulation\nsupport. A privileged attacker inside the guest could use this issue to\ncause QEMU to consume resources, resulting in a denial of service\n(CVE-2016-4037).\n\nThe qemu package has been updated to version 2.4.1 and patched to fix these\nissues.\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48],{"_key":15},"CVE-2015-8817",{"_key":17},"CVE-2015-8818",{"_key":19},"CVE-2016-1922",{"_key":21},"CVE-2016-1981",{"_key":23},"CVE-2016-2197",{"_key":25},"CVE-2016-2198",{"_key":27},"CVE-2016-2391",{"_key":29},"CVE-2016-2392",{"_key":31},"CVE-2016-2538",{"_key":33},"CVE-2016-2841",{"_key":35},"CVE-2016-2857",{"_key":37},"CVE-2016-2858",{"_key":39},"CVE-2016-3710",{"_key":41},"CVE-2016-3712",{"_key":43},"CVE-2016-4001",{"_key":45},"CVE-2016-4002",{"_key":47},"CVE-2016-4020",{"_key":49},"CVE-2016-4037",[],[],[53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},"2016-05-18T20:14:22Z","2026-04-16T06:24:31.660709406Z",{"cisa_kev":74,"cisa_ransomware":74,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[76,82,87,92,96,100,104,108,112],{"url":77,"sources":78,"tags":80},"https://advisories.mageia.org/MGASA-2016-0176.html",[79],"osv_mageia",[81],"Advisory",{"url":83,"sources":84,"tags":85},"https://bugs.mageia.org/show_bug.cgi?id=17534",[79],[86],"REPORT",{"url":88,"sources":89,"tags":90},"http://wiki.qemu.org/ChangeLog/2.2",[79],[86,91],"WEB",{"url":93,"sources":94,"tags":95},"http://wiki.qemu.org/ChangeLog/2.3",[79],[86,91],{"url":97,"sources":98,"tags":99},"http://wiki.qemu.org/ChangeLog/2.4",[79],[86,91],{"url":101,"sources":102,"tags":103},"https://bugzilla.redhat.com/show_bug.cgi?id=1300771",[79],[86],{"url":105,"sources":106,"tags":107},"https://bugzilla.redhat.com/show_bug.cgi?id=1283934",[79],[86],{"url":109,"sources":110,"tags":111},"http://www.ubuntu.com/usn/usn-2891-1/",[79],[86,91],{"url":113,"sources":114,"tags":115},"http://www.ubuntu.com/usn/usn-2974-1/",[79],[86,91],[],[],[],[120],{"ecosystem":121,"name":122,"vendor":123,"product":122,"cpe_part":9,"purl_type":124,"purl_namespace":123,"purl_name":122,"source":9,"versions":125},"Mageia","qemu","mageia","rpm",[126],{"version":127,"is_range":128,"range_type":129,"version_start":9,"version_start_type":9,"version_end":130,"version_end_type":131,"fixed_in":9},"lt2_4_1_5_mga5",true,"ecosystem","2.4.1-5.mga5","excluding"]