Code injection

The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service guest crash via a crafted length value in an IP packet, as demonstrated by a value that does not account for the size of the IP options...

CVE-2015-3215

The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service guest crash via a crafted length value in an IP packet, as demonstrated by a value that does not account for the size of the IP options...

virtio-win: netkvm: malformed packet can cause BSOD

It was found that the Windows Virtio NIC driver did not sufficiently sanitize the length of the incoming IP packets, as demonstrated by a packet with IP options present but the overall packet length not being adjusted to reflect the length of those options. A remote attacker able to send a...

Important: Red Hat Security Advisory: virtio-win security and bug fix update

An updated virtio-win package that fixes one security issue and two bugs is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

PT-2017-6647 · Netkvm +1 · Netkvm Windows Virtio Driver +1

Name of the Vulnerable Software and Affected Versions: NetKVM Windows Virtio driver affected versions not specified Description: The issue allows remote attackers to cause a denial of service, resulting in a guest crash. This can be achieved by sending a crafted IP packet with a length value that...

Fedora 21 : qemu-2.1.2-2.fc21 (2014-11588)

Rebased to version 2.1.2 - CVE-2014-3640 qemu: slirp: NULL pointer bz 1144821, bz 1144818 - Add Requires seabios = 1.7.5, otherwise Windows virtio booting does not work. - Add Requires seabios = 1.7.5, otherwise Windows virtio booting does not work. - Fix crash on migration/snapshot bz 1144490...