Infinite loop in QEMU - CVE-2017-9310
Published: June 6, 2017 / Updated: June 8, 2017
Vulnerability identifier: #VU6946
CSH Severity: Low
CVSS v4.0:
CVE-ID: CVE-2017-9310
CWE-ID: CWE-835
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: QEMU
Affected software:
QEMU
QEMU
Detailed vulnerability description
Qemu emulator built with the e1000e NIC emulation support is vulnerable to an
infinite loop issue. It could occur while processing data via transmit or
receive descriptors, provided the initial receive/transmit descriptor
head(TDH/RDH) is set outside the allocated descriptor buffer.
A privileged user inside guest could use this flaw to crash the Qemu instance
resulting in DoS.
How to mitigate CVE-2017-9310
Update to version 2.9.0-r2.