CVE-2012-6075

EPSS 7.5%

qemu - buffer overflow

Published: 2/13/2013Modified: 3/9/2026

Also known as:DSA-2608-1DEBIAN-CVE-2012-6075

Description

Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.

Affected packages (5)

Debian/qemufrom 0, < 1.1.2+dfsg-4
Debian/qemufrom 0, < 0.12.5+dfsg-3squeeze3
Debian/qemu-kvmfrom 0, < 0.12.5+dfsg-5+squeeze10
Debian/xenfrom 0, < 4.1.3-8
Debian/xen-qemu-dm-4.0from 0, < 4.0.1-2+squeeze3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-6075