The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
Software | From | Fixed in |
---|---|---|
fedoraproject / fedora | 21 | 21.x |
fedoraproject / fedora | 22 | 22.x |
fedoraproject / fedora | 23 | 23.x |
canonical / ubuntu_linux | 12.04 | 12.04.x |
canonical / ubuntu_linux | 14.04 | 14.04.x |
canonical / ubuntu_linux | 15.04 | 15.04.x |
qemu / qemu | - | 2.4.0.1 |
arista / eos | 4.12 | 4.12.x |
arista / eos | 4.13 | 4.13.x |
arista / eos | 4.14 | 4.14.x |
arista / eos | 4.15 | 4.15.x |