QEMU stellaris_enet_receive Function Denial of Service Vulnerability (CVE-2016-4001)
QEMU stellaris_enet_receive Function Denial of Service Vulnerability (CVE-2016-4001)
Release date:
Updated on:
Affected Systems:
QEMU
Description:
CVE (CAN) ID: CVE-2016-4001
QEMU is an open source simulator software.
QEMU has a buffer overflow security vulnerability in the hw/net/stellaris_enet.c/stellaris_enet_receive function. After the Stellaris Ethernet controller is configured to receive large data packets, remote attackers can use large data packets to cause DOS.
<* Source: Oleksandr Bazhaniuk
*>
Suggestion:
Vendor patch:
QEMU
----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://git.qemu.org /? P = qemu. git; a = commit; h = 3a15cc0e1ee7168db0781_3d2607a6bfa422d66
Use KVM + Qemu to build a virtual machine in Ubuntu
Linux getting started Tutorial: QEMU for Virtual Machine experience
Ubuntu 12.04 cannot find the Qemu command
Install QEMU + efi bios on Arch Linux
QEMU translation framework and debugging tools
QEMU code analysis: BIOS loading process
QEMU details: click here
QEMU: click here
This article permanently updates the link address: