Back to search
CVE-2016-6888
Published: Dec 10, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
Integer overflow in the net_tx_pkt_init function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (QEMU process crash) via the maximum fragmentation count, which triggers an unchecked multiplication and NULL pointer dereference.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
92556
vdb-entry
x_refsource_BID
[oss-security] 20160819 CVE Request: Qemu: net: vmxnet: integer overflow in packet initialisation
mailing-list
x_refsource_MLIST
RHSA-2017:2392
vendor-advisory
x_refsource_REDHAT
GLSA-201609-01
vendor-advisory
x_refsource_GENTOO
[qemu-devel] 20160818 [PULL 1/2] net: vmxnet: use g_new for pkt initialisation
mailing-list
x_refsource_MLIST
[oss-security] 20160819 Re: CVE Request: Qemu: net: vmxnet: integer overflow in packet initialisation
mailing-list
x_refsource_MLIST
[debian-lts-announce] 20181130 [SECURITY] [DLA 1599-1] qemu security update
mailing-list
x_refsource_MLIST
RHSA-2017:2408
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now