CVE-2015-8744 in QEMUinfo

Summary

QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance resulting in DoS.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

01/04/2016

Disclosure

12/29/2016

Moderation

VulDB entry created

Entries

1: VDB-94715

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

4.4

EPSS

0.00067

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-8744
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-8744
CVE Details	https://www.cvedetails.com/cve/CVE-2015-8744/

◂ Previous Overview Next ▸