CVE-2016-5403

MEDIUM

Canonical Ubuntu Linux < 2.6.0 - Denial of Service

Title source: rule

Description

The virtqueue_pop function in hw/virtio/virtio.c in QEMU allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion.

References (21)

... and 1 more

Scores

CVSS v3 5.5
EPSS 0.0007
EPSS Percentile 21.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-400
Status draft

Affected Products (38)

canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
oracle/linux
oracle/linux
oracle/linux
oracle/vm_server
qemu/qemu < 2.6.0
qemu/qemu
debian/debian_linux
redhat/openstack
redhat/openstack
redhat/openstack
redhat/openstack
redhat/openstack
... and 23 more

Timeline

Published Aug 02, 2016
Tracked Since Feb 18, 2026