Oval Definition:	oval:com.ubuntu.xenial:def:201625380000000
Revision Date: 2016-06-16 Version: 1 Title: CVE-2016-2538 on Ubuntu 16.04 LTS (xenial) - low. Description: Multiple integer overflows in the USB Net device emulator (hw/usb/dev-network.c) in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service (QEMU process crash) or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the (1) rndis_query_response, (2) rndis_set_response, or (3) usb_net_handle_dataout function. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-2538 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND qemu package in xenial was vulnerable but has been fixed (note: '1:2.5+dfsg-5ubuntu10.1').
BACK