Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6075

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-6075
Last Modified 19 Apr 2014 12:29:22
Published 12 Feb 2013 08:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-6075

Summary

Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.

Vulnerable Systems

Application

  • Qemu -

  • Qemu 0.1

  • Qemu 0.1.1

  • Qemu 0.1.2

  • Qemu 0.1.3

  • Qemu 0.1.4

  • Qemu 0.1.5

  • Qemu 0.1.6

  • Qemu 0.10.0

  • Qemu 0.10.1

  • Qemu 0.10.2

  • Qemu 0.10.3

  • Qemu 0.10.4

  • Qemu 0.10.5

  • Qemu 0.10.6

  • Qemu 0.11.0

  • Qemu 0.11.0-rc0

  • Qemu 0.11.0-rc1

  • Qemu 0.11.0-rc2

  • Qemu 0.11.1

  • Qemu 0.12.0

  • Qemu 0.12.1

  • Qemu 0.12.2

  • Qemu 0.12.3

  • Qemu 0.12.4

  • Qemu 0.12.5

  • Qemu 0.13.0

  • Qemu 0.14.0

  • Qemu 0.14.1

  • Qemu 0.15.0

  • Qemu 0.2

  • Qemu 0.3

  • Qemu 0.4

  • Qemu 0.4.1

  • Qemu 0.4.2

  • Qemu 0.4.3

  • Qemu 0.5.0

  • Qemu 0.5.1

  • Qemu 0.5.2

  • Qemu 0.5.3

  • Qemu 0.5.4

  • Qemu 0.5.5

  • Qemu 0.6.0

  • Qemu 0.6.1

  • Qemu 0.7.0

  • Qemu 0.7.1

  • Qemu 0.7.2

  • Qemu 0.8.0

  • Qemu 0.8.1

  • Qemu 0.8.2

  • Qemu 0.9.0

  • Qemu 0.9.1

  • Qemu 0.9.1-5

  • Qemu 1.0

  • Qemu 1.0.1

  • Qemu 1.1

  • Qemu 1.1.1

  • Qemu 1.1.2

  • Qemu 1.2.0

  • Qemu 1.2.1

  • Qemu 1.2.2

  • Qemu 1.3.0

  • Qemu 1.3.1

  • Qemu 1.4.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=889301

UBUNTU - USN-1692-1

BID - 57420

MLIST - [oss-security] 20121229 Re: CVE request: qemu e1000 emulated device gues-side buffer overflow

DEBIAN - DSA-2608

MLIST - [Qemu-devel] 20121205 [PATCH] e1000: Discard oversized packets based on SBP|LPE

FEDORA - FEDORA-2013-0934

FEDORA - FEDORA-2013-0965

FEDORA - FEDORA-2013-0971

CONFIRM - http://git.qemu.org/?p=qemu.git;a=commitdiff;h=b0d9ffcd0251161c7c92f94804dcf599dfa3edeb

DEBIAN - DSA-2619

DEBIAN - DSA-2607

REDHAT - RHSA-2013:0639

REDHAT - RHSA-2013:0610

REDHAT - RHSA-2013:0609

REDHAT - RHSA-2013:0608

REDHAT - RHSA-2013:0599

SUSE - openSUSE-SU-2013:0637

SUSE - openSUSE-SU-2013:0636

MLIST - [Qemu-devel] 20121205 [PATCH] e1000: Discard oversized packets based on SBP|LPE

GENTOO - GLSA-201309-24

SECUNIA - 55082

SUSE - SUSE-SU-2014:0446

Related Patches

Novell SUSE 2013:7492 xen security update for SLE 11 SP2 i586

Novell SUSE 2013:7492 xen security update for SLE 11 SP2 x86_64


Last Updated: 27 May 2016 11:01:50