QEMU Megasas_ctrl_get_info Function Information Disclosure Vulnerability

QEMU Megasas_ctrl_get_info Function Information Disclosure Vulnerability

CVE-2016-5337 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allows local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information.

Learn more about our Web Application Penetration Testing UK.