CVE-2015-8701

QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a descriptor was to have more than allowed (ROCKER_TX_FRAGS_MAX=16) fragments. A privileged user inside guest could use this flaw to cause memory leakage on the host or crash the QEMU process instance resulting in DoS issue.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Information

Published : 2016-12-29 14:59

Updated : 2020-11-10 10:53


NVD link : CVE-2015-8701

Mitre link : CVE-2015-8701


JSON object : View

CWE
CWE-193

Off-by-one Error

Advertisement

dedicated server usa

Products Affected

qemu

  • qemu