CVE-2015-6815
published 2020-01-31CVE-2015-6815: The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which…
low3.5CVSS 3.1
AVAACLPRLUINSUCNINAL
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arista | eos | — | — |
| arista | eos | — | — |
| arista | eos | — | — |
| arista | eos | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | qemu | < qemu 1:2.4+dfsg-2 (bookworm) | qemu 1:2.4+dfsg-2 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| novell | suse_linux_enterprise_debuginfo | — | — |
| novell | suse_linux_enterprise_desktop | — | — |
| novell | suse_linux_enterprise_desktop | — | — |
| novell | suse_linux_enterprise_server | — | — |
| novell | suse_linux_enterprise_server | — | — |
| novell | suse_linux_enterprise_software_development_kit | — | — |
| novell | suse_linux_enterprise_software_development_kit | — | — |
| qemu | qemu | < 2.4.0.1 | 2.4.0.1 |
| qemu | qemu | — | — |
| qemu | qemu | >= 0 < 1:2.4+dfsg-2 | 1:2.4+dfsg-2 |
| qemu | qemu | >= 0 < 1:2.4+dfsg-2 | 1:2.4+dfsg-2 |
| qemu | qemu | >= 0 < 1:2.4+dfsg-2 | 1:2.4+dfsg-2 |
| qemu | qemu | >= 0 < 1:2.4+dfsg-2 | 1:2.4+dfsg-2 |
| qemu | qemu | >= 0 < 2.0.0+dfsg-2ubuntu1.19 | 2.0.0+dfsg-2ubuntu1.19 |
CVSS provenance
nvdv3.13.5LOWCVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
osv6.5MEDIUM