6

CVE-2016-8910

The rtl8139_cplus_transmit function in hw/net/rtl8139.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
QemuQemu Version <= 2.7.1
DebianDebian Linux Version8.0
OpensuseLeap Version42.2
RedhatOpenstack Version6.0
RedhatOpenstack Version7.0
RedhatOpenstack Version8
RedhatOpenstack Version9
RedhatOpenstack Version10
RedhatOpenstack Version11
RedhatVirtualization Version4.0
   RedhatEnterprise Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.41% 0.323
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6 1.5 4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
Third Party Advisory
Mailing List
https://access.redhat.com/errata/RHSA-2017:2392
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2408
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-12/msg00140.html
Third Party Advisory
Mailing List
https://security.gentoo.org/glsa/201611-11
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/10/24/2
Patch
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2016/10/24/5
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/93844
Third Party Advisory
VDB Entry
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
Patch
Third Party Advisory