DEBIAN-CVE-2016-6888
Integer overflow in the nettxpktinit function in hw/net/nettxpkt.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service QEMU process crash via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference...