QwikSec

Security Database

CVE

CWE

Training

CVE-2012-6075

Published: Feb 13, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=b0d9ffcd0251161c7c92f94804dcf599dfa3edeb

x_refsource_CONFIRM

FEDORA-2013-0965

vendor-advisory

x_refsource_FEDORA

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2013:0637

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_GENTOO

[oss-security] 20121229 Re: CVE request: qemu e1000 emulated device gues-side buffer overflow

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

https://bugzilla.redhat.com/show_bug.cgi?id=889301

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

FEDORA-2013-0934

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2013:0636

vendor-advisory

x_refsource_SUSE

SUSE-SU-2014:0446

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

[Qemu-devel] 20121205 [PATCH] e1000: Discard oversized packets based on SBP|LPE

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

FEDORA-2013-0971

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.