Oracle Linux: CVE-2016-4020: ELSA-2017-1856: qemu-kvm security, bug fix, and enhancement update (MODERATE)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
2 | (AV:A/AC:H/Au:N/C:P/I:N/A:N) | 2016-04-07 | 2017-08-08 | 2025-01-07 |
Description
The patch_instruction function in hw/i386/kvmvapic.c in QEMU does not initialize the imm32 variable, which allows local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR).
An information-exposure flaw was found in Quick Emulator (QEMU) in Task Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing TPR. A privileged user inside a guest could use this issue to read portions of the host memory.
Solution(s)
- oracle-linux-upgrade-qemu-img
- oracle-linux-upgrade-qemu-kvm
- oracle-linux-upgrade-qemu-kvm-common
- oracle-linux-upgrade-qemu-kvm-tools