The virtio-win package is susceptible to denial of service(DoS). The attack exists because it does not properly escape the length of the incoming IP packets, allowing the attacker to send malicious IP packet to the guest to crash that guest.
CPE | Name | Operator | Version |
---|---|---|---|
virtio-win | eq | 1.7.1__1.el6_5 | |
virtio-win | eq | 1.7.1__1.el6_5 |
rhn.redhat.com/errata/RHSA-2015-1043.html
rhn.redhat.com/errata/RHSA-2015-1044.html
access.redhat.com/errata/RHSA-2015:1043
access.redhat.com/errata/RHSA-2015:1044
access.redhat.com/security/cve/CVE-2015-3215
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1227634
github.com/YanVugenfirer/kvm-guest-drivers-windows/commit/723416fa4210b7464b28eab89cc76252e6193ac1
github.com/YanVugenfirer/kvm-guest-drivers-windows/commit/fbfa4d1083ea84c5429992ca3e996d7d4fbc8238
rhn.redhat.com/errata/RHSA-2015-1043.html
www.redhat.com/security/data/cve/CVE-2015-3215.html