CVE-2016-9101

MEDIUM

QEMU - Memory Corruption

Title source: llm

Description

Memory leak in hw/net/eepro100.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by repeatedly unplugging an i8255x (PRO100) NIC device.

References (7)

Scores

CVSS v3 6.0
EPSS 0.0012
EPSS Percentile 30.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Classification

CWE
CWE-772
Status published

Affected Products (4)

qemu/qemu < 2.7.1
opensuse/leap
debian/debian_linux
n/a/n/a

Timeline

Published Dec 09, 2016
Tracked Since Feb 18, 2026