rpm package
suse/qemu&distro=SUSE Linux Enterprise Server 12 SP1-LTSS
pkg:rpm/suse/qemu&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS
Vulnerabilities (62)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-6835 | Med | 6.0 | < 2.3.1-33.3.3 | 2.3.1-33.3.3 | Dec 10, 2016 | The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length. | |
| CVE-2016-6834 | Med | 4.4 | < 2.3.1-33.3.3 | 2.3.1-33.3.3 | Dec 10, 2016 | The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length. |
- affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failure to check IP header length.
- affected < 2.3.1-33.3.3fixed 2.3.1-33.3.3
The net_tx_pkt_do_sw_fragmentation function in hw/net/net_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the current fragment length.
Page 4 of 4