QEMU CVE-2017-6058 Denial of Service Vulnerability

QEMU is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to cause denial-of-service condition.

Information

Bugtraq ID: 96277
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-6058

Remote: Yes
Local: No
Published: Feb 17 2017 12:00AM
Updated: Apr 14 2017 01:04AM
Credit: Prasad J Pandit
Vulnerable: QEMU QEMU 0
Gentoo Linux

Not Vulnerable:

References:

• QEMU Homepage (QEMU)
  
• [Qemu-devel] [PATCH 2/5] NetRxPkt: Fix memory corruption on VLAN header (nongnu)
  
• Bug 1423358 - (CVE-2017-6058) CVE-2017-6058 Qemu: net: vmxnet3: OOB NetRxPkt::eh (Red Hat)
  
• CVE-2017-6058 Qemu: net: vmxnet3: OOB NetRxPkt::ehdr_buf access when doing vlan (seclists)
  

Source: www.securityfocus.com