Back to search
CVE-2016-2841
Published: Jun 16, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20160302 CVE request Qemu: net: ne2000: infinite loop in ne2000_receive
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1303106
x_refsource_CONFIRM
84028
vdb-entry
x_refsource_BID
GLSA-201609-01
vendor-advisory
x_refsource_GENTOO
[qemu-devel] 20160226 Re: [PATCH v2] net: ne2000: check ring buffer control registers
mailing-list
x_refsource_MLIST
USN-2974-1
vendor-advisory
x_refsource_UBUNTU
[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
mailing-list
x_refsource_MLIST
[qemu-stable] 20160329 [Qemu-stable] [ANNOUNCE] QEMU 2.5.1 Stable released
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now