Packet fragmentation bug in Vmxnet3 device emulator in QEMU - #VU320
Published: August 16, 2016 / Updated: March 19, 2018
Vulnerability identifier: #VU320
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-20
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: QEMU
Affected software:
QEMU
QEMU
Detailed vulnerability description
The vulnerability allows an adjacent user to cause denial of service conditions on the host system.
The vulnerability exists due a packet framentation bug. An adjacent attacker can cause the target host system to enter an infinite loop and crash.
Successful exploitation of this vulnerability may result in denial of service via network.
The vulnerability exists due a packet framentation bug. An adjacent attacker can cause the target host system to enter an infinite loop and crash.
Successful exploitation of this vulnerability may result in denial of service via network.
Remediation
Patch for this vulnerability is available at:
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html
https://lists.gnu.org/archive/html/qemu-devel/2016-08/msg01601.html