OVAL Reference oval:com.ubuntu.precise:def:20162392000

Oval Definition:

oval:com.ubuntu.precise:def:20162392000

Revision Date:	2016-06-16	Version:	1
Title:	CVE-2016-2392 on Ubuntu 12.04 LTS (precise) - low.
Description:	The is_rndis function in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 does not properly validate USB configuration descriptor objects, which allows local guest OS administrators to cause a denial of service (NULL pointer dereference and QEMU process crash) via vectors involving a remote NDIS control message packet.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-2392
Platform(s):	Ubuntu 12.04 LTS	Product(s):
Definition Synopsis
Ubuntu 12.04 LTS (precise) is installed. AND The 'qemu-kvm' package in precise was vulnerable but has been fixed (note: '1.0+noroms-0ubuntu14.28').