Use After Free Vulnerability in Qemu's 'chardev' Backend Support

Use After Free Vulnerability in Qemu's 'chardev' Backend Support

CVE-2016-9923 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Quick Emulator (Qemu) built with the 'chardev' backend support is vulnerable to a use after free issue. It could occur while hotplug and unplugging the device in the guest. A guest user/process could use this flaw to crash a Qemu process on the host resulting in DoS.

Learn more about our User Device Pen Test.