QEMU hw/virtio. c DoS Vulnerability (CVE-2015-7295)

QEMU hw/virtio. c DoS Vulnerability (CVE-2015-7295)
QEMU hw/virtio. c DoS Vulnerability (CVE-2015-7295)

Release date:
Updated on:

Affected Systems:

QEMU QEMU

Description:

CVE (CAN) ID: CVE-2015-7295

QEMU is an open source simulator software.

QEMU enables virtio-net support and does not include large or merged receiving buffers. It receives a large number of giant frames on the tuntap or macvtap interfaces, hw/virtio. c. Security Vulnerabilities in processing allow remote attackers to consume client network resources, resulting in DOS.

<* Source: vendor
*>

Suggestion:

Vendor patch:

QEMU
----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169624.html
Http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169802.html
Http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169767.html

Use KVM + Qemu to build a virtual machine in Ubuntu

Linux getting started Tutorial: QEMU for Virtual Machine experience

Ubuntu 12.04 cannot find the Qemu command

Install QEMU + efi bios on Arch Linux

QEMU translation framework and debugging tools

QEMU code analysis: BIOS loading process

QEMU details: click here
QEMU: click here

This article permanently updates the link address: