Denial of Service Vulnerability in QEMU NE2000 NIC Emulation

Denial of Service Vulnerability in QEMU NE2000 NIC Emulation

CVE-2016-2841 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

The ne2000_receive function in the NE2000 NIC emulation support (hw/net/ne2000.c) in QEMU before 2.5.1 allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via crafted values for the PSTART and PSTOP registers, involving ring buffer control.

Learn more about our Web Application Penetration Testing UK.