Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 25 Oct 2016 01:05:59 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
cc: cve-assign@...re.org, hendersa@...ulus.org
Subject: Re: Re: CVE request Qemu: net: rtl8139: infinite loop
 while transmit in C+ mode

+-- On Mon, 24 Oct 2016, cve-assign@...re.org wrote --+
| > https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html
| >>
| >> RTL8139 ethernet controller in C+ mode supports multiple
| >> descriptor rings, each with maximum of 64 descriptors. While
| >> processing transmit descriptor ring in 'rtl8139_cplus_transmit',
| >> it does not limit the descriptor count and runs forever.
| 
| Use CVE-2016-8910.

This issue was reported by Mr Andrew Henderson of Intelligent Automation Inc.

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ