FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qemu -- denial of service vulnerability in virtio-net support

Affected packages
qemu < 2.4.1
qemu-devel < 2.4.1
qemu-sbruno < 2.5.50.g20151224
qemu-user-static < 2.5.50.g20151224

Details

VuXML ID: 42cbd1e8-b152-11e5-9728-002590263bf5
Discovery: 2015-09-18
Entry: 2016-01-02

Prasad J Pandit, Red Hat Product Security Team, reports:

Qemu emulator built with the Virtual Network Device (virtio-net) support is vulnerable to a DoS issue. It could occur while receiving large packets over the tuntap/macvtap interfaces and when guest's virtio-net driver did not support big/mergeable receive buffers.

An attacker on the local network could use this flaw to disable guest's networking by sending a large number of jumbo frames to the guest, exhausting all receive buffers and thus leading to a DoS situation.

References

CVE Name: CVE-2015-7295
URL: http://git.qemu.org/?p=qemu.git;a=commit;h=696317f1895e836d53b670c7b77b7be93302ba08
URL: http://www.openwall.com/lists/oss-security/2015/09/18/5
URL: https://github.com/seanbruno/qemu-bsd-user/commit/0cf33fb6b49a19de32859e2cdc6021334f448fb3