First Last Prev Next    This bug is not in your last search results.
Bug 1024178 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode
VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode
Status: RESOLVED DUPLICATE of bug 1007157
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P5 - None : Normal
: ---
Assigned To: Charles Arnold
Security Team bot
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-02-08 01:48 UTC by Johannes Segitz
Modified: 2017-02-09 03:21 UTC (History)
4 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-02-08 01:48:42 UTC 
+++ This bug was initially created as a clone of Bug #1006538 +++

Reference: http://seclists.org/oss-sec/2016/q4/223
===================================================
  Hello,

Quick Emulator(Qemu) built with the RTL8139 ethernet controller emulation support is vulnerable to an infinite loop issue. It could occur while transmitting packets in C+ mode of operation.


A privileged user inside guest could use this flaw to consume excessive CPU cycles on the host, resulting in DoS situation.


Upstream patch:
---------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html


Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
===================================================
Comment 1 Charles Arnold 2017-02-08 20:22:50 UTC 
Same CVE-2016-8910 as bnc#1007157

*** This bug has been marked as a duplicate of bug 1007157 ***
First Last Prev Next    This bug is not in your last search results.