Michael Tokarev
2012-Jan-26 20:23 UTC
[Secure-testing-team] Bug#657529: e1000: process_tx_desc legacy mode packets heap overflow (CVE-2012-0029)
Package: qemu-kvm
Version: 0.12.5+dfsg-5+squeeze6
Severity: serious
Tags: patch security squeeze upstream sid

There is a buffer overflow in handling of network packets transmitted from guest to qemu/kvm process in e1000 emulated device. A malicious guest running on a virtual machine with emulated e1000 device can trigger a heap overflow in host process and gain host privileges.

This is assigned CVE-2012-0029.

Both stable (squeeze) and testing/unstable versions are affected (and actually oldstable as well, but there, kvm package is severely broken anyway).