QEMU (aka Quick Emulator) built with the ColdFire Fast Ethernet Controller emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets in ‘mcf_fec_receive’. A privileged user/process inside guest could use this issue to crash the QEMU process on the host leading to DoS.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | qemu | < 1:2.8+dfsg-1 | qemu_1:2.8+dfsg-1_all.deb |
Debian | 11 | all | qemu | < 1:2.8+dfsg-1 | qemu_1:2.8+dfsg-1_all.deb |
Debian | 10 | all | qemu | < 1:2.8+dfsg-1 | qemu_1:2.8+dfsg-1_all.deb |
Debian | 999 | all | qemu | < 1:2.8+dfsg-1 | qemu_1:2.8+dfsg-1_all.deb |
Debian | 13 | all | qemu | < 1:2.8+dfsg-1 | qemu_1:2.8+dfsg-1_all.deb |