CVE-2016-2841

Priority
Low
Description
The ne2000_receive function in the NE2000 NIC emulation support
(hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators
to cause a denial of service (infinite loop and QEMU process crash) via
crafted values for the PSTART and PSTOP registers, involving ring buffer
control.
References
Bugs
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Package
Source: qemu (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):released (2.0.0+dfsg-2ubuntu1.24)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:2.5+dfsg-5ubuntu10.1)
Patches:
Other:https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg06126.html
Upstream:http://git.qemu.org/?p=qemu.git;a=commit;h=415ab35a441eca767d033a2702223e785b9d5190
More Information

Updated: 2018-06-26 04:59:33 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)