CVE-2016-1714

Name: CVE-2016-1714
Creator: NVD / NIST
Published: 2016-04-07T19:59:02.48+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 6.13%

Last modified Jun 17, 2026

CVE-2016-1714 is a vulnerability of currently unknown severity. The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.. EPSS estimates a 6.13% chance of exploitation in the next 30 days.

Description

The (1) fw_cfg_write and (2) fw_cfg_read functions in hw/nvram/fw_cfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAP_SYS_RAWIO privilege to cause a denial of service (out-of-bounds read or write access and process crash) or possibly execute arbitrary code via an invalid current entry value in a firmware configuration.

Metrics

EPSS Probability

6.13%

92.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Redhat	Openstack	5.0
Oracle	Linux	6
Oracle	Linux	7
Qemu	Qemu	<= 2.3.0

References

http://rhn.redhat.com/errata/RHSA-2016-0081.html
http://rhn.redhat.com/errata/RHSA-2016-0082.html
http://rhn.redhat.com/errata/RHSA-2016-0083.html
http://rhn.redhat.com/errata/RHSA-2016-0084.html
http://rhn.redhat.com/errata/RHSA-2016-0085.htmlIssue Tracking, Third Party Advisory, VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-0086.html
http://rhn.redhat.com/errata/RHSA-2016-0087.html
http://rhn.redhat.com/errata/RHSA-2016-0088.htmlIssue Tracking, Third Party Advisory, VDB Entry
http://www.debian.org/security/2016/dsa-3469
http://www.debian.org/security/2016/dsa-3470
http://www.debian.org/security/2016/dsa-3471
http://www.openwall.com/lists/oss-security/2016/01/11/7Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/12/10Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/12/11Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlThird Party Advisory
http://www.securityfocus.com/bid/80250Third Party Advisory
http://www.securitytracker.com/id/1034858Third Party Advisory
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00428.htmlVendor Advisory
https://security.gentoo.org/glsa/201604-01
http://rhn.redhat.com/errata/RHSA-2016-0081.html
http://rhn.redhat.com/errata/RHSA-2016-0082.html
http://rhn.redhat.com/errata/RHSA-2016-0083.html
http://rhn.redhat.com/errata/RHSA-2016-0084.html
http://rhn.redhat.com/errata/RHSA-2016-0085.htmlIssue Tracking, Third Party Advisory, VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-0086.html
http://rhn.redhat.com/errata/RHSA-2016-0087.html
http://rhn.redhat.com/errata/RHSA-2016-0088.htmlIssue Tracking, Third Party Advisory, VDB Entry
http://www.debian.org/security/2016/dsa-3469
http://www.debian.org/security/2016/dsa-3470
http://www.debian.org/security/2016/dsa-3471
http://www.openwall.com/lists/oss-security/2016/01/11/7Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/12/10Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/12/11Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.htmlThird Party Advisory
http://www.securityfocus.com/bid/80250Third Party Advisory
http://www.securitytracker.com/id/1034858Third Party Advisory
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00428.htmlVendor Advisory
https://security.gentoo.org/glsa/201604-01

Timeline

Published: Apr 7, 2016
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-1714?

How severe is CVE-2016-1714?

Severity scoring for CVE-2016-1714 is pending analysis. The EPSS model estimates a 6.13% probability of exploitation in the next 30 days.

How do I fix CVE-2016-1714?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-1714?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST