CVE-2016-9777

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-9777
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9777.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-9777
Downstream
Published
2016-12-28T07:59:00.510Z
Modified
2026-02-19T07:15:05.994731Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioapic.c and arch/x86/kvm/ioapic.h.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755
Introduced
ddf6b1a7de691080a203e6ce1dff4331e1770825
Fixed
81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755

Database specific

vanir_signatures 
[
    {
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "arch/x86/kvm/ioapic.c",
            "function": "rtc_irq_eoi_tracking_reset"
        },
        "digest": {
            "length": 151.0,
            "function_hash": "61638999811905096674023579565811154873"
        },
        "id": "CVE-2016-9777-2a8e9877",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "arch/x86/kvm/ioapic.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "207383735821635617341482879753070407131",
                "236466972557201570884732823428231635703",
                "170996198795299614075723061166884702351",
                "200049767503196561803646060292073239010"
            ]
        },
        "id": "CVE-2016-9777-63a40494",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "arch/x86/kvm/ioapic.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "141008152892889185647887918186270873713",
                "60333308115999183818073910228086601914",
                "132930853104638244932904926861065235281",
                "29163593949763165358459456552310967001",
                "218575749334615520347722967432115686635"
            ]
        },
        "id": "CVE-2016-9777-64d2bbc3",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755",
        "signature_type": "Line"
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9777.json"

Git / github.com/torvalds/linux

Affected ranges

Type
GIT
Repo
https://github.com/torvalds/linux
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755
Introduced
c8d2bc9bc39ebea8437fd974fdbc21847bb897a3
Fixed
81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755

Affected versions

v4.*
v4.8
v4.9-rc1
v4.9-rc2
v4.9-rc3
v4.9-rc4
v4.9-rc5
v4.9-rc6

Database specific

vanir_signatures 
[
    {
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "arch/x86/kvm/ioapic.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "207383735821635617341482879753070407131",
                "236466972557201570884732823428231635703",
                "170996198795299614075723061166884702351",
                "200049767503196561803646060292073239010"
            ]
        },
        "id": "CVE-2016-9777-23ae3ca1",
        "source": "https://github.com/torvalds/linux/commit/81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "arch/x86/kvm/ioapic.c",
            "function": "rtc_irq_eoi_tracking_reset"
        },
        "digest": {
            "length": 151.0,
            "function_hash": "61638999811905096674023579565811154873"
        },
        "id": "CVE-2016-9777-5da88af8",
        "source": "https://github.com/torvalds/linux/commit/81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "target": {
            "file": "arch/x86/kvm/ioapic.h"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "141008152892889185647887918186270873713",
                "60333308115999183818073910228086601914",
                "132930853104638244932904926861065235281",
                "29163593949763165358459456552310967001",
                "218575749334615520347722967432115686635"
            ]
        },
        "id": "CVE-2016-9777-e05d3075",
        "source": "https://github.com/torvalds/linux/commit/81cdb259fb6d8c1c4ecfeea389ff5a73c07f5755",
        "signature_type": "Line"
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9777.json"