CVE-2016-9921

Severity CVSS v4.0:
Pending analysis
Type:
CWE-369 Divide By Zero
Publication date:
23/12/2016
Last modified:
12/04/2025

Description

Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* 2.7.1 (including)
cpe:2.3:a:qemu:qemu:2.8.0:rc0:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:qemu:qemu:2.8.0:rc2:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*