Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-0029
HistoryJan 23, 2012 - 12:00 a.m.

CVE-2012-0029

2012-01-2300:00:00
ubuntu.com
ubuntu.com
17

CVSS2

7.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:S/C:C/I:C/A:C

EPSS

0.001

Percentile

37.8%

Heap-based buffer overflow in the process_tx_desc function in the e1000
emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions,
allows guest OS users to cause a denial of service (QEMU crash) and
possibly execute arbitrary code via crafted legacy mode packets.

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchqemu-kvm< 0.12.3+noroms-0ubuntu9.17UNKNOWN
ubuntu10.10noarchqemu-kvm< 0.12.5+noroms-0ubuntu7.11UNKNOWN
ubuntu11.04noarchqemu-kvm< 0.14.0+noroms-0ubuntu4.5UNKNOWN
ubuntu11.10noarchqemu-kvm< 0.14.1+noroms-0ubuntu6.2UNKNOWN

CVSS2

7.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:S/C:C/I:C/A:C

EPSS

0.001

Percentile

37.8%