CVE-2020-28916 - log back

CVE-2020-28916 edited at 09 Dec 2020 10:33:43
Description
- An infinite loop issue was found in the e1000e device emulator in QEMU. The issue could occur while receiving packets via e1000e_write_packet_to_guest() routine, if the receive(RX) descriptor has NULL buffer address. A privileged guest user may use this flaw to induce a DoS scenario on the host.
+ An infinite loop issue was found in the e1000e device emulator in QEMU before version 5.2.0. The issue could occur while receiving packets via e1000e_write_packet_to_guest() routine, if the receive(RX) descriptor has NULL buffer address. A privileged guest user may use this flaw to induce a DoS scenario on the host.
CVE-2020-28916 edited at 01 Dec 2020 11:01:38
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Denial of service
Description
+ An infinite loop issue was found in the e1000e device emulator in QEMU. The issue could occur while receiving packets via e1000e_write_packet_to_guest() routine, if the receive(RX) descriptor has NULL buffer address. A privileged guest user may use this flaw to induce a DoS scenario on the host.
References
+ https://www.openwall.com/lists/oss-security/2020/12/01/2
+ https://git.qemu.org/?p=qemu.git;a=commitdiff;h=c2cb511634012344e3d0fe49a037a33b12d8a98a
Notes
CVE-2020-28916 created at 01 Dec 2020 10:59:29