Bug 1024178

Summary: VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode
Product: [Novell Products] SUSE Security Incidents Reporter: Johannes Segitz <jsegitz>
Component: IncidentsAssignee: Charles Arnold <carnold>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: astieger, jsegitz, mikhail.kasimov, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Johannes Segitz 2017-02-08 01:48:42 UTC
+++ This bug was initially created as a clone of Bug #1006538 +++

Reference: http://seclists.org/oss-sec/2016/q4/223

Quick Emulator(Qemu) built with the RTL8139 ethernet controller emulation support is vulnerable to an infinite loop issue. It could occur while transmitting packets in C+ mode of operation.

A privileged user inside guest could use this flaw to consume excessive CPU cycles on the host, resulting in DoS situation.

Upstream patch:
  -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html

Thank you.
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
Comment 1 Charles Arnold 2017-02-08 20:22:50 UTC
Same CVE-2016-8910 as bnc#1007157

*** This bug has been marked as a duplicate of bug 1007157 ***