CVE-2012-6075 (retired)

Priority
Description
Buffer overflow in the e1000_receive function in the e1000 device driver
(hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE
flags are disabled, allows remote attackers to cause a denial of service
(guest OS crash) and possibly execute arbitrary guest code via a large
packet.
Notes
 mdeslaur> hypervisor packages are in universe. For
 mdeslaur> issues in the hypervisor, add appropriate
 mdeslaur> tags to each section, ex:
 mdeslaur> Tags_xen: universe-binary
 kees> qemu and kvm are only included if the Xen issue is in full-virt mode.
 sarnold> "there will be no more qemu-kvm releases." -- Michael Tokarev
 sarnold> qemu patches should apply to xen's embedded copies
 mdeslaur> raring is replacing qemu-kvm with qemu (in progress)
Assigned-to
mdeslaur
Package
Source: kvm (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (1.3.0+dfsg-1~exp3ubuntu3)
Patches:
Vendor:http://www.debian.org/security/2013/dsa-2608
Package
Source: xen (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (4.2.0-1ubuntu6)
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
More Information

Updated: 2019-03-26 12:05:12 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)