DEBIAN-CVE-2016-9776

DEBIAN-CVE-2016-9776 PUBLISHED CVSS 5.5 MEDIUM

QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in 'mcf_fec_receive'. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	qemu	0, 0, 0
Debian:14	qemu	0, 0, 0
Debian:13	qemu	0, 0, 0
Debian:12	qemu	0, 0, 0

Timeline

Dec 29, 2016 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2016-9776 advisory

Open in Interactive Console →