Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2020-28916

Published: 4 December 2020

hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
qemu
Launchpad, Ubuntu, Debian
bionic
Released (1:2.11+dfsg-1ubuntu7.35)
focal
Released (1:4.2-3ubuntu6.12)
groovy
Released (1:5.0-5ubuntu9.4)
precise Does not exist

trusty Not vulnerable
(code not present)
upstream
Released (1:5.2+dfsg-1)
xenial Not vulnerable
(code not present)
Patches:
upstream: https://git.qemu.org/?p=qemu.git;a=commit;h=c2cb511634012344e3d0fe49a037a33b12d8a98a
qemu-kvm
Launchpad, Ubuntu, Debian
bionic Does not exist

focal Does not exist

groovy Does not exist

precise Not vulnerable
(code not present)
trusty Does not exist

upstream Needs triage

xenial Does not exist