Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet.
References
Link | Resource |
---|---|
http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=8b98a2f07175d46c3f7217639bd5e03f | |
http://rhn.redhat.com/errata/RHSA-2015-2694.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2015-2695.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2015-2696.html | Third Party Advisory |
http://www.debian.org/security/2016/dsa-3469 | Third Party Advisory |
http://www.debian.org/security/2016/dsa-3470 | Third Party Advisory |
http://www.debian.org/security/2016/dsa-3471 | Third Party Advisory |
http://www.openwall.com/lists/oss-security/2015/11/30/3 | Mailing List Third Party Advisory |
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html | Third Party Advisory |
http://www.securityfocus.com/bid/78230 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1034527 | Third Party Advisory VDB Entry |
https://security.gentoo.org/glsa/201602-01 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
13 Feb 2023, 00:54
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remote attackers to cause a denial of service (guest OS crash) or execute arbitrary code via a large packet. |
02 Feb 2023, 15:17
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode. A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process. Note that to exploit this flaw, the guest network interface must have a large MTU limit. |
Information
Published : 2016-01-08 21:59
Updated : 2023-12-10 11:46
NVD link : CVE-2015-7512
Mitre link : CVE-2015-7512
CVE.ORG link : CVE-2015-7512
JSON object : View
Products Affected
redhat
- enterprise_linux_server
- enterprise_linux_eus
- enterprise_linux_desktop
- enterprise_linux_workstation
- openstack
- virtualization
debian
- debian_linux
qemu
- qemu
oracle
- linux
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')