Lucene search
Ubuntu.comUB:CVE-2012-6075HistoryDec 31, 2012 - 12:00 a.m.
CVE-2012-6075
2012-12-3100:00:00
ubuntu.com
ubuntu.com
11
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.023 Low
EPSS
Percentile
89.6%
Buffer overflow in the e1000_receive function in the e1000 device driver
(hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE
flags are disabled, allows remote attackers to cause a denial of service
(guest OS crash) and possibly execute arbitrary guest code via a large
packet.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | hypervisor packages are in universe. For issues in the hypervisor, add appropriate tags to each section, ex: Tags_xen: universe-binary |
| kees | qemu and kvm are only included if the Xen issue is in full-virt mode. |
| seth-arnold | “there will be no more qemu-kvm releases.” – Michael Tokarev qemu patches should apply to xen’s embedded copies |
| mdeslaur | raring is replacing qemu-kvm with qemu (in progress) |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 13.04 | noarch | qemu | < 1.3.0+dfsg-1~exp3ubuntu3 | UNKNOWN |
| ubuntu | 13.10 | noarch | qemu | < 1.3.0+dfsg-1~exp3ubuntu3 | UNKNOWN |
| ubuntu | 10.04 | noarch | qemu-kvm | < 0.12.3+noroms-0ubuntu9.21 | UNKNOWN |
| ubuntu | 11.10 | noarch | qemu-kvm | < 0.14.1+noroms-0ubuntu6.6 | UNKNOWN |
| ubuntu | 12.04 | noarch | qemu-kvm | < 1.0+noroms-0ubuntu14.7 | UNKNOWN |
| ubuntu | 12.10 | noarch | qemu-kvm | < 1.2.0+noroms-0ubuntu2.12.10.2 | UNKNOWN |
| ubuntu | 11.10 | noarch | xen | < 4.1.1-2ubuntu4.5 | UNKNOWN |
| ubuntu | 12.04 | noarch | xen | < 4.1.2-2ubuntu2.5 | UNKNOWN |
| ubuntu | 12.10 | noarch | xen | < 4.1.3-3ubuntu1.2 | UNKNOWN |
| ubuntu | 13.04 | noarch | xen | < 4.2.0-1ubuntu6 | UNKNOWN |
Related
openvas
openvas
RedHat Update for xen RHSA-2013:0599-01
2013-03-08 00:00:00
Ubuntu Update for qemu-kvm USN-1692-1
2013-01-21 00:00:00
Debian Security Advisory DSA 2607-1 (qemu-kvm - buffer overflow)
2013-01-15 00:00:00
nessus
nessus
Scientific Linux Security Update : qemu-kvm on SL6.x i386/x86_64 (20130307)
2013-03-08 00:00:00
CentOS 6 : qemu-kvm (CESA-2013:0609)
2013-03-10 00:00:00
Debian DSA-2619-1 : xen-qemu-dm-4.0 - buffer overflow
2013-02-11 00:00:00
debian
debian
[SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update
2013-02-10 18:22:33
[SECURITY] [DSA 2608-1] qemu security update
2013-01-15 20:38:41
[SECURITY] [DSA 2607-1] qemu-kvm security update
2013-01-15 20:26:24
centos
centos
qemu security update
2013-03-09 00:45:27
xen security update
2013-03-06 19:54:46
kmod, kvm security update
2013-03-08 00:28:36
ubuntu
ubuntu
QEMU vulnerability
2013-01-16 00:00:00
redhat
redhat
(RHSA-2013:0608) Important: kvm security update
2013-03-07 00:00:00
(RHSA-2013:0609) Important: qemu-kvm security update
2013-03-07 00:00:00
(RHSA-2013:0639) Important: qemu-kvm-rhev security update
2013-03-12 00:00:00
securityvulns
securityvulns
qemu buffer overflow
2013-01-21 00:00:00
[SECURITY] [DSA 2608-1] qemu security update
2013-01-21 00:00:00
osv
osv
qemu - buffer overflow
2013-01-15 00:00:00
qemu-kvm - buffer overflow
2013-01-15 00:00:00
cve
cve
CVE-2012-6075
2013-02-13 01:55:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:59:10
oraclelinux
oraclelinux
xen security update
2013-03-06 00:00:00
qemu-kvm security update
2013-03-07 00:00:00
kvm security update
2013-03-07 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: qemu-1.2.2-2.fc18
2013-01-26 16:03:36
[SECURITY] Fedora 18 Update: qemu-1.2.2-11.fc18
2013-04-26 00:54:36
[SECURITY] Fedora 18 Update: qemu-1.2.2-13.fc18
2013-07-01 01:42:44
debiancve
debiancve
CVE-2012-6075
2013-02-13 01:55:00
xen
xen
qemu (e1000 device driver): Buffer overflow when processing large packets
2013-01-16 14:50:00
prion
prion
Buffer overflow
2013-02-13 01:55:00
suse
suse
Security update for Xen (important)
2014-03-25 23:04:15
gentoo
gentoo
Xen: Multiple vulnerabilities
2013-09-27 00:00:00
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.023 Low
EPSS
Percentile
89.6%
Related for UB:CVE-2012-6075