Debian: DSA-3471-1 Denial-of-Service Risk in Qemu Security Advisory
debian
February 8, 2016
Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware
Topics Covered
Summary
CVE-2015-7295
Jason Wang of Red Hat Inc. discovered that the Virtual Network
Device support is vulnerable to denial-of-service, that could
occur when receiving large packets.
CVE-2015-7504
Qinghao Tang of Qihoo 360 Inc. and Ling Liu of Qihoo 360 Inc.
discovered that the PC-Net II ethernet controller is vulnerable to
a heap-based buffer overflow that could result in
denial-of-service (via application crash) or arbitrary code
execution.
CVE-2015-7512
Ling Liu of Qihoo 360 Inc. and Jason Wang of Red Hat Inc.
discovered that the PC-Net II ethernet controller is vulnerable to
a buffer overflow that could result in denial-of-service (via
application crash) or arbitrary code execution.
CVE-2015-7549
Qinghao Tang of Qihoo 360 Inc. and Ling Liu of Qihoo 360
Inc. discovered that the PCI MSI-X emulator is vulnerable to a
null pointer dereference issue, that could lead to
denial-of-service (via application crash).
CVE-2015-8345
Qinghao Tang of Qiho...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Package: qemu
CVE ID: CVE-2015-7295 CVE-2015-7504 CVE-2015-7512 CVE-2015-7549
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!