Back to search
CVE-2015-7504
Published: Oct 16, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
Heap-based buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU allows guest OS administrators to cause a denial of service (instance crash) or possibly execute arbitrary code via a series of packets in loopback mode.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2015:2694
vendor-advisory
x_refsource_REDHAT
1034268
vdb-entry
x_refsource_SECTRACK
78227
vdb-entry
x_refsource_BID
[oss-security] 20151130 CVE-2015-7504 Qemu: net: pcnet: heap overflow vulnerability in loopback mode
mailing-list
x_refsource_MLIST
[Qemu-devel] 20151130 [PATCH for 2.5 1/2] net: pcnet: add check to validate receive data size(CVE-2015-7504)
mailing-list
x_refsource_MLIST
http://xenbits.xen.org/xsa/advisory-162.html
x_refsource_CONFIRM
DSA-3469
vendor-advisory
x_refsource_DEBIAN
DSA-3470
vendor-advisory
x_refsource_DEBIAN
GLSA-201604-03
vendor-advisory
x_refsource_GENTOO
DSA-3471
vendor-advisory
x_refsource_DEBIAN
GLSA-201602-01
vendor-advisory
x_refsource_GENTOO
RHSA-2015:2696
vendor-advisory
x_refsource_REDHAT
RHSA-2015:2695
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now