Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 25 Oct 2016 01:05:59 +0530 (IST)
From: P J P <>
To: oss security list <>
Subject: Re: Re: CVE request Qemu: net: rtl8139: infinite loop
 while transmit in C+ mode

+-- On Mon, 24 Oct 2016, wrote --+
| >
| >>
| >> RTL8139 ethernet controller in C+ mode supports multiple
| >> descriptor rings, each with maximum of 64 descriptors. While
| >> processing transmit descriptor ring in 'rtl8139_cplus_transmit',
| >> it does not limit the descriptor count and runs forever.
| Use CVE-2016-8910.

This issue was reported by Mr Andrew Henderson of Intelligent Automation Inc.

Thank you.
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ