36 matches found
DEBIAN-CVE-2021-3416
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...
PT-2021-7378
Name of the Vulnerable Software and Affected Versions QEMU versions up to and including 5.2.0 Description The issue is related to a potential stack overflow via an infinite loop in various NIC emulators of QEMU. This occurs in loopback mode of a NIC where reentrant DMA checks get bypassed, allowi...
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
...
Denial Of Service (DoS)
QEMU is vulnerable to denial of service. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host...
CVE-2015-7504
Heap-based buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service instance crash or possibly execute arbitrary code via a series of packets in loopback mode...
Heap overflow
Heap-based buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service instance crash or possibly execute arbitrary code via a series of packets in loopback mode...
CVE-2015-7504
Heap-based buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service instance crash or possibly execute arbitrary code via a series of packets in loopback mode...
CVE-2015-7504
CVE-2015-7504 is a heap-based buffer overflow in the PC-Net II ethernet controller (hw/net/pcnet.c) of QEMU, exposed via guest-controlled packet reception. The flaw in pcnet_receive can lead to denial of service (instance crash) or possibly arbitrary code execution when handling a sequence of pac...
CVE-2015-7504
Heap-based buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service instance crash or possibly execute arbitrary code via a series of packets in loopback mode...
Qemu: net: pcnet: heap overflow vulnerability in pcnet_receive
A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host QEMU process resulting in denial of...
Qemu: net: pcnet: buffer overflow in non-loopback mode
A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode. A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process. Not...
Qemu: net: pcnet: heap overflow vulnerability in pcnet_receive
A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user with the CAPSYSRAWIO capability inside a guest could use this flaw to crash the host QEMU process resulting in denial of...
Qemu: net: pcnet: buffer overflow in non-loopback mode
A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode. A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process. Not...
QEMU AMD PC-Net II Ethernet Controller Packet Length Buffer Overflow Vulnerability
QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. A buffer overflow vulnerability exists in the 'pcnetreceive' function in the hw/net/pcnet.c file in QEMU version 2.5.0, which originates from the program failing to...
CVE-2015-7504
Heap-based buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service instance crash or possibly execute arbitrary code via a series of packets in loopback mode...
UBUNTU-CVE-2015-7504
Heap-based buffer overflow in the pcnetreceive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service instance crash or possibly execute arbitrary code via a series of packets in loopback mode...