CVE ID:	CVE-2016-8668
Description:	The rocker_io_writel function in hw/net/rocker/rocker.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging failure to limit DMA buffer size.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2016-8668 93566 http://www.securityfocus.com/bid/93566 GLSA-201611-11 https://security.gentoo.org/glsa/201611-11 [oss-security] 20161014 CVE request Qemu: net: OOB buffer access in rocker switch emulation http://www.openwall.com/lists/oss-security/2016/10/14/8 [oss-security] 20161015 Re: CVE request Qemu: net: OOB buffer access in rocker switch emulation http://www.openwall.com/lists/oss-security/2016/10/15/9 [qemu-devel] 20161012 [PATCH] net: rocker: set limit to DMA buffer size https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg02501.html openSUSE-SU-2016:3237 http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html