Published: 21/07/2020 Updated: 23/09/2022

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 3.3 | Impact Score: 1.4 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu 4.2.0
debian debian linux 9.0
debian debian linux 10.0

Debian Bug report logs - #965978 CVE-2020-15859 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Tue, 21 Jul 2020 19:21:01 UTC Severity: important Tags: security Found in versions qemu/1:50-11, qemu/1:50- ...

A use-after-free issue was found in the INTEL 82574 NIC (e1000e) emulator of the QEMU It could while sending packets if the guest user set the packet data address to e1000e's MMIO address A guest user/process could use this flaw to crash the QEMU process on the host resulting in a denial of service (DoS) scenario ...

oss-sec mailing list archives   By Date By Thread </form>    CVE-2020-15859 QEMU: net: e1000e: use-after-free while sending packets   ...

CWE-416 https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05304.html https://www.openwall.com/lists/oss-security/2020/07/21/3 https://bugs.launchpad.net/qemu/+bug/1886362 https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html https://security.gentoo.org/glsa/202208-27 https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965978 https://nvd.nist.gov https://security.archlinux.org/CVE-2020-15859

CVE-2020-15859

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect