{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-12-09T00:00:00", "descriptions": [{"lang": "en", "value": "Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-09-07T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"}, {"name": "RHSA-2017:2392", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2392"}, {"name": "GLSA-201701-49", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201701-49"}, {"name": "94803", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94803"}, {"name": "RHSA-2017:2408", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2408"}, {"name": "[oss-security] 20161209 Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/12/09/1"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:07:31.373Z"}, "title": "CVE Program Container", "references": [{"name": "[debian-lts-announce] 20180906 [SECURITY] [DLA 1497-1] qemu security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"}, {"name": "RHSA-2017:2392", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2392"}, {"name": "GLSA-201701-49", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201701-49"}, {"name": "94803", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/94803"}, {"name": "RHSA-2017:2408", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2408"}, {"name": "[oss-security] 20161209 Re: CVE request Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/12/09/1"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-9921", "datePublished": "2016-12-23T22:00:00", "dateReserved": "2016-12-08T00:00:00", "dateUpdated": "2024-08-06T03:07:31.373Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "matchCriteriaId": "F83E2010-6463-407A-928D-DB71A705A04C", "versionEndIncluding": "2.7.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:2.8.0:rc0:*:*:*:*:*:*", "matchCriteriaId": "58947AD5-A971-4E22-8D8A-634E2ED5DECD", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:2.8.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "62294521-D8AD-43C1-9B53-D75243DC9A5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:qemu:qemu:2.8.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "436470C3-919A-40F0-9813-A34CD8F7CF29", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", "matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", "matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", "matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*", "matchCriteriaId": "4E9AF77C-5D49-4842-9817-AD710A919073", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS."}, {"lang": "es", "value": "Quick emulator (Qemu) construido con el soporte Cirrus CLGD 54xx VGA Emulator es vulnerable a un problema de divisi\u00f3n por cero. Podr\u00eda ocurrir mientras se copian datos VGA cuando el modo de gr\u00e1ficos cirrus estaba configurado para ser VGA. Un usuario privilegiado dentro del hu\u00e9sped podr\u00eda usar esta falla para bloquear la instancia del proceso Qemu en el host, resultando en DoS."}], "id": "CVE-2016-9921", "lastModified": "2023-02-13T04:50:17.927", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-12-23T22:59:00.550", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/12/09/1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94803"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2392"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2408"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201701-49"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-369"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Jiangxin (Huawei Inc.), Li Qiang (Qihoo 360), and Qinghao Tang (Qihoo 360) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2017:2408", "cpe": "cpe:/a:redhat:openstack:6::el7", "package": "qemu-kvm-rhev-10:2.9.0-10.el7", "product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:2408", "cpe": "cpe:/a:redhat:openstack:7::el7", "package": "qemu-kvm-rhev-10:2.9.0-10.el7", "product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:2408", "cpe": "cpe:/a:redhat:openstack:10::el7", "package": "qemu-kvm-rhev-10:2.9.0-10.el7", "product_name": "Red Hat OpenStack Platform 10.0 (Newton)", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:2408", "cpe": "cpe:/a:redhat:openstack:11::el7", "package": "qemu-kvm-rhev-10:2.9.0-10.el7", "product_name": "Red Hat OpenStack Platform 11.0 (Ocata)", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:2408", "cpe": "cpe:/a:redhat:openstack:8::el7", "package": "qemu-kvm-rhev-10:2.9.0-10.el7", "product_name": "Red Hat OpenStack Platform 8.0 (Liberty)", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:2408", "cpe": "cpe:/a:redhat:openstack:9::el7", "package": "qemu-kvm-rhev-10:2.9.0-10.el7", "product_name": "Red Hat OpenStack Platform 9.0 (Mitaka)", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:2392", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "qemu-kvm-rhev-10:2.9.0-14.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2017-08-01T00:00:00Z"}], "bugzilla": {"description": "Qemu: display: cirrus_vga: a divide by zero in cirrus_do_copy", "id": "1334398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1334398"}, "csaw": false, "cvss": {"cvss_base_score": "2.3", "cvss_scoring_vector": "AV:A/AC:M/Au:S/C:N/I:N/A:P", "status": "verified"}, "cvss3": {"cvss3_base_score": "3.0", "cvss3_scoring_vector": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-369", "details": ["Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to a divide by zero issue. It could occur while copying VGA data when cirrus graphics mode was set to be VGA. A privileged user inside guest could use this flaw to crash the Qemu process instance on the host, resulting in DoS."], "name": "CVE-2016-9921", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kvm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "xen", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "qemu-kvm-rhev", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "qemu-kvm", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openstack:5::el6", "fix_state": "Will not fix", "package_name": "qemu-kvm-rhev", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)"}], "public_date": "2016-10-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-9921\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-9921"], "threat_severity": "Low"}