Attacker Value
Unknown
CVE-2016-2857
CVE-2016-2857
(Last updated October 05, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
The net_checksum_calculate function in net/checksum.c in QEMU allows local guest OS users to cause a denial of service (out-of-bounds heap read and crash) via the payload length in a crafted packet.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
8.4 High
Impact Score:
5.8
Exploitability Score:
2
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Changed
Confidentiality (C):
High
Integrity (I):
None
Availability (A):
High
General Information
Vendors
- canonical,
- debian,
- qemu,
- redhat
Products
- debian linux 8.0,
- enterprise linux desktop 6.0,
- enterprise linux desktop 7.0,
- enterprise linux eus 7.3,
- enterprise linux eus 7.4,
- enterprise linux eus 7.5,
- enterprise linux eus 7.6,
- enterprise linux eus 7.7,
- enterprise linux server 6.0,
- enterprise linux server 7.0,
- enterprise linux server aus 7.3,
- enterprise linux server aus 7.4,
- enterprise linux server aus 7.6,
- enterprise linux server aus 7.7,
- enterprise linux server tus 7.3,
- enterprise linux server tus 7.6,
- enterprise linux server tus 7.7,
- enterprise linux workstation 6.0,
- enterprise linux workstation 7.0,
- openstack 5.0,
- openstack 6.0,
- openstack 7.0,
- openstack 8,
- openstack 9,
- qemu,
- ubuntu linux 12.04,
- ubuntu linux 14.04,
- ubuntu linux 15.10,
- ubuntu linux 16.04,
- virtualization 3.0,
- virtualization 4.0
References
Advisory
Miscellaneous
