{"id":"MGASA-2015-0397","summary":"Updated qemu packages fixes security vulnerabilities","details":"Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the\nNE2000 NIC emulation. A privileged guest user could use this flaw to\nmount a denial of service (QEMU process crash). (CVE-2015-5278)\n\nQinghao Tang of QIHU 360 Inc. discovered a heap buffer overflow flaw in\nthe NE2000 NIC emulation. A privileged guest user could use this flaw to\nmount a denial of service (QEMU process crash), or potentially to execute\narbitrary code on the host with the privileges of the hosting QEMU\nprocess. (CVE-2015-5279)\n\nA flaw has been discovered in the QEMU emulator built with Virtual Network\nDevice(virtio-net) support. If the guest's virtio-net driver did not\nsupport big or mergeable receive buffers, an issue could occur while\nreceiving large packets over the tuntap/ macvtap interfaces. An attacker\non the local network could use this flaw to disable the guest's\nnetworking; the user could send a large number of jumbo frames to the\nguest, which could exhaust all receive buffers, and lead to a denial of\nservice. (CVE-2015-7295)\n","modified":"2026-02-04T02:42:27.975474Z","published":"2015-10-13T22:40:25Z","related":["CVE-2015-5278","CVE-2015-5279","CVE-2015-7295"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0397.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=16761"},{"type":"REPORT","url":"https://lists.fedoraproject.org/pipermail/package-announce/2015-October/169036.html"},{"type":"REPORT","url":"http://openwall.com/lists/oss-security/2015/09/18/9"}],"affected":[{"package":{"name":"qemu","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/qemu?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.1.3-2.7.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0397.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}