CVE-2016-3044 — MEDIUM (6.5)

Vulnerability Description

The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.

CVSS Score

6.5

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Ibm	Powerkvm	2.1

Related Weaknesses (CWE)

CWE-20 CWE-284

References

http://rhn.redhat.com/errata/RHSA-2016-1033.html
http://rhn.redhat.com/errata/RHSA-2016-2574.html
http://www-01.ibm.com/support/docview.wss?uid=isg3T1023969Vendor Advisory
http://www.securityfocus.com/bid/92123Third Party AdvisoryVDB Entry
http://rhn.redhat.com/errata/RHSA-2016-1033.html
http://rhn.redhat.com/errata/RHSA-2016-2574.html
http://www-01.ibm.com/support/docview.wss?uid=isg3T1023969Vendor Advisory
http://www.securityfocus.com/bid/92123Third Party AdvisoryVDB Entry

FAQ

What is CVE-2016-3044?

CVE-2016-3044 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The Linux kernel component in IBM PowerKVM 2.1 before 2.1.1.3-65.10 and 3.1 before 3.1.0.2 allows guest OS users to cause a denial of service (host OS infinite loop and hang) via unspecified vectors.

How severe is CVE-2016-3044?

CVE-2016-3044 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-3044?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Powerkvm.