Wind River Support Network

HomeDefectsLIN6-14635
Fixed

LIN6-14635 : Security Advisory - qemu - CVE-2015-5278

Created: Jun 7, 2018    Updated: Dec 3, 2018
Resolved Date: Jun 18, 2018
Found In Version: 6.0.0.29
Fix Version: 6.0.0.37
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

A flaw was found where a QEMU emulator built with NE2000 NIC emulation support was vulnerable to an infinite loop issue that occurred when receiving packets over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance, resulting in a denial of service
as per CVE-2015-5278 , impacts qemu < 2.4.3 

Other Downloads


Live chat
Online