CVE-2012-0029

描述

Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets.

受影響套件(3)

• Debian/qemu-kvmfrom 0, < 0.12.5+dfsg-5+squeeze8
• Debian/xenfrom 0, < 4.1.3~rc1+hg-20120614.a9c0a89c08f2-1
• Debian/xen-qemu-dm-4.0from 0, < 4.0.1-2+squeeze1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-0029