Published: 31/01/2020 Updated: 12/09/2023

CVSS v2 Base Score: 2.7 | Impact Score: 2.9 | Exploitability Score: 5.1

CVSS v3 Base Score: 3.5 | Impact Score: 1.4 | Exploitability Score: 2.1

VMScore: 240

Vector: AV:A/AC:L/Au:S/C:N/I:N/A:P

The process_tx_desc function in hw/net/e1000.c in QEMU prior to 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows malicious users to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu
fedoraproject fedora 22
fedoraproject fedora 23
fedoraproject fedora 21
novell suse linux enterprise server 11.0
novell suse linux enterprise server 12.0
novell suse linux enterprise debuginfo 11.0
novell suse linux enterprise desktop 12.0
novell suse linux enterprise desktop 11.0
novell suse linux enterprise software development kit 11.0
novell suse linux enterprise software development kit 12.0
canonical ubuntu linux 12.04
canonical ubuntu linux 14.04
canonical ubuntu linux 15.04
redhat enterprise linux 7.0
redhat enterprise linux 6.0
redhat openstack 5.0
redhat openstack 7.0
redhat enterprise linux 5.0
redhat openstack 6.0
xen xen 4.4.3
xen xen 4.5.1
arista eos 4.15
arista eos 4.14
arista eos 4.13
arista eos 4.12

Debian Bug report logs - #798101 qemu: CVE-2015-6815: net: e1000 infinite loop issue Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 5 Sep 2015 16:33:06 UTC Severity: important Tags: patch, secur ...

Several security issues were fixed in QEMU ...

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware CVE-2015-5278 Qinghao Tang of QIHU 360 Inc discovered an infinite loop issue in the NE2000 NIC emulation A privileged guest user could use this flaw to mount a denial of service (QEMU process crash) CVE-2015-5279 Qinghao Tang of ...

Several vulnerabilities were discovered in qemu, a fast processor emulator CVE-2015-5278 Qinghao Tang of QIHU 360 Inc discovered an infinite loop issue in the NE2000 NIC emulation A privileged guest user could use this flaw to mount a denial of service (QEMU process crash) CVE-2015-5279 Qinghao Tang of QIHU 360 Inc discovered ...

CWE-835 http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html http://www.openwall.com/lists/oss-security/2015/09/04/4 https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg01199.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html http://www.ubuntu.com/usn/USN-2745-1 http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html http://www.openwall.com/lists/oss-security/2015/09/05/5 https://bugzilla.redhat.com/show_bug.cgi?id=1260076 https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798101 https://usn.ubuntu.com/2745-1/https://nvd.nist.gov

CVE-2015-6815

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect