FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2015-7295

This CVE name corresponds to:

Entered Topic
2016-01-02 qemu -- denial of service vulnerability in virtio-net support

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2015-7295 at cve.mitre.org

Details

Type Candidate
Name CVE-2015-7295
Phase Assigned(20150918)

Description

hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on the (1) tuntap or (2) macvtap interface.

References

Source Reference
MLIST [oss-security] 20150918 CVE request Qemu: net: virtio-net possible remote DoS
MLIST [oss-security] 20150918 Re: CVE request Qemu: net: virtio-net possible remote DoS
FEDORA FEDORA-2015-d5c1048b47
FEDORA FEDORA-2015-d8510319c0
FEDORA FEDORA-2015-fca1900745

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.