1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
PublicDateAtUSN: 2016-01-22
Candidate: CVE-2016-1981
PublicDate: 2016-12-29
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1981
http://www.openwall.com/lists/oss-security/2016/01/19/10
http://www.ubuntu.com/usn/usn-2891-1
Description:
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is
vulnerable to an infinite loop issue. It could occur while processing data
via transmit or receive descriptors, provided the initial receive/transmit
descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A
privileged user inside guest could use this flaw to crash the QEMU instance
resulting in DoS.
Ubuntu-Description:
Notes:
Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1298570
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=812307
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
Patches_qemu-kvm:
upstream_qemu-kvm: needed
precise_qemu-kvm: released (1.0+noroms-0ubuntu14.27)
trusty_qemu-kvm: DNE
vivid_qemu-kvm: DNE
vivid/stable-phone-overlay_qemu-kvm: DNE
vivid/ubuntu-core_qemu-kvm: DNE
wily_qemu-kvm: DNE
devel_qemu-kvm: DNE
Patches_qemu:
upstream: https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html
upstream_qemu: needed
precise_qemu: DNE
trusty_qemu: released (2.0.0+dfsg-2ubuntu1.22)
vivid_qemu: ignored (reached end-of-life)
vivid/stable-phone-overlay_qemu: DNE
vivid/ubuntu-core_qemu: DNE
wily_qemu: released (1:2.3+dfsg-5ubuntu9.2)
devel_qemu: released (1:2.5+dfsg-1ubuntu5)
|