EUVD-2015-8578

Malware in sbrugna...

CVE-2015-8701

QEMU aka Quick Emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit tx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16 fragments. A privileged user inside guest coul...

Design/Logic Flaw

QEMU aka Quick Emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit tx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16 fragments. A privileged user inside guest coul...

CVE-2015-8701

QEMU aka Quick Emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit tx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16 fragments. A privileged user inside guest coul...

CVE-2015-8701

QEMU aka Quick Emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit tx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16 fragments. A privileged user inside guest coul...

CVE-2015-8701

QEMU aka Quick Emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit tx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16 fragments. A privileged user inside guest coul...

CVE-2015-8701

QEMU aka Quick Emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit tx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16 fragments. A privileged user inside guest coul...

CVE-2015-8701

CVE-2015-8701 affects QEMU with Rocker switch emulation. Affected path is tx_consume processing of TX descriptors; if a descriptor has more than ROCKER_TX_FRAGS_MAX (16) fragments, an off-by-one error can cause memory leakage on the host or crash the QEMU process, leading to DoS. Exploitation det...

FreeBSD : qemu -- denial of service vulnerability in Rocker switch emulation (1384f2fd-b1be-11e5-9728-002590263bf5)

Prasad J Pandit, Red Hat Product Security Team, reports : Qemu emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmittx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16...

qemu -- denial of service vulnerability in Rocker switch emulation

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmittx descriptors in 'txconsume' routine, if a descriptor was to have more than allowed ROCKERTXFRAGSMAX=16...