Denial Of Service (DoS)

qemu is vulnerable to denial of service. An infinite loop in the e1000 NIC emulator occurs while processing transmit tx descriptors in processtxdesc when various descriptor fields are initialized with invalid values...

Design/Logic Flaw

The processtxdesc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service infinite loop and guest crash via unspecified vectors...

CVE-2015-6815

The processtxdesc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service infinite loop and guest crash via unspecified vectors...

CVE-2015-6815

The processtxdesc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service infinite loop and guest crash via unspecified vectors...

DEBIAN-CVE-2012-0029

Heap-based buffer overflow in the processtxdesc function in the e1000 emulation hw/e1000.c in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service QEMU crash and possibly execute arbitrary code via crafted legacy mode packets...

qemu: e1000: process_tx_desc legacy mode packets heap overflow

Heap-based buffer overflow in the processtxdesc function in the e1000 emulation hw/e1000.c in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service QEMU crash and possibly execute arbitrary code via crafted legacy mode packets...