CVE-2015-8744

Priority
Description
QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC
emulator support is vulnerable to crash issue. It occurs when a guest sends
a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest
user could use this flaw to crash the QEMU process instance resulting in
DoS.
Assigned-to
mdeslaur
Notes
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.22)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (1:2.5+dfsg-1ubuntu3)
Patches:
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=a7278b36fcab9af469563bd7b
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2020-09-10 04:57:02 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)