CVE-2015-5279

EPSS 10.2%

Published: 9/28/2015Modified: 4/28/2026

Description

Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.

Affected packages (1)

Debian/qemufrom 0, < 1:2.4+dfsg-3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-5279