Описание
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS.
An infinite loop flaw was found in the way QEMU's e1000 NIC emulation implementation processed data using transmit or receive descriptors under certain conditions. A privileged user inside a guest could use this flaw to crash the QEMU instance.
Отчет
This issue affects the versions of kvm and xen packages as shipped with Red Hat Enterprise Linux 5. This issue affects the versions of the qemu-kvm packages as shipped with Red Hat Enterprise Linux 6 and 7. This issue affects the Red Hat Enterprise Linux 6 based versions of qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3. This issue affect the Red Hat Enterprise Linux 7 based versions of the qemu-kvm-rhev packages as shipped with Red Hat Enterprise Virtualization 3. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kvm | Will not fix | ||
| Red Hat Enterprise Linux 5 | xen | Will not fix | ||
| Red Hat Enterprise Linux 6 | qemu-kvm | Will not fix | ||
| Red Hat Enterprise Linux 6 | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux 7 | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | qemu-kvm-rhev | Will not fix | ||
| Red Hat OpenStack Platform 8 (Liberty) | qemu-kvm-rhev | Will not fix | ||
| Red Hat Enterprise Linux 7 | qemu-kvm | Fixed | RHSA-2016:2585 | 03.11.2016 |
Показывать по
Дополнительная информация
Статус:
EPSS
2.3 Low
CVSS2
Связанные уязвимости
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS.
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS.
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support i ...
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS.
ELSA-2016-2585: qemu-kvm security, bug fix, and enhancement update (MODERATE)
EPSS
2.3 Low
CVSS2