How severe is CVE-2016-7907?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2016-7907?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2016-7907 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.

Related Vulnerabilities

CVE-2015-5208

MEDIUM

CVSS:4.4(Medium)

Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link.

CWE-202015

CVE-2015-7509

MEDIUM

CVSS:4.4(Medium)

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

CWE-202015

CVE-2015-8552

MEDIUM

CVSS:4.4(Medium)

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN message...

CWE-202015

CVE-2016-6246

MEDIUM

CVSS:4.4(Medium)

OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) d...

CWE-202016

CVE-2017-0164

MEDIUM

CVSS:4.4(Medium)

A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Serv...

CWE-202017

CVE-2017-16637

MEDIUM

CVSS:4.4(Medium)

In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvan...

CWE-202017