CVE-2016-9916

Name of the Vulnerable Software and Affected Versions QEMU (affected versions not specified)

Description The issue is related to a memory leak in the hw/9pfs/9p-proxy.c function of the QEMU hardware emulator's proxy backend service. This leak can be exploited by a local user of the guest operating system, allowing them to cause a denial of service. The denial of service can manifest as consumption of the host's memory or a crash of the QEMU process. The exploitation is possible due to a missing cleanup operation in the proxy backend.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.