Published: 04/12/2020 Updated: 30/09/2022

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qemu qemu 5.0.0
debian debian linux 9.0
debian debian linux 10.0

Debian Bug report logs - #976388 qemu: CVE-2020-28916 Package: src:qemu; Maintainer for src:qemu is Debian QEMU Team <pkg-qemu-devel@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 4 Dec 2020 13:06:01 UTC Severity: important Tags: security, upstream Found in version qemu/1 ...

An infinite loop issue was found in the e1000e device emulator in QEMU The issue could occur while receiving packets via e1000e_write_packet_to_guest() routine, if the receive(RX) descriptor has NULL buffer address A privileged guest user may use this flaw to induce a DoS scenario on the host ...

oss-sec mailing list archives   By Date By Thread </form>    CVE-2020-28916 QEMU: e1000e: infinite loop scenario in case of null packet descriptor  <!--X-Head-o ...

CWE-835 https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03185.html http://www.openwall.com/lists/oss-security/2020/12/01/2 https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html https://lists.debian.org/debian-lts-announce/2022/09/msg00008.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=976388 https://nvd.nist.gov https://security.archlinux.org/CVE-2020-28916

CVE-2020-28916

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect