5 matches found
Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest()
...
SUSE CVE-2020-14364
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...
SUSE CVE-2021-28691
Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread termination will...
CVE-2021-28715
Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...
DEBIAN-CVE-2020-15859
QEMU 4.2.0 has a use-after-free in hw/net/e1000ecore.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address...