QEMU 'hw/net/rtl8139.c' Integer Overflow Vulnerability

QEMU is prone to an integer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

Attackers can exploit this issue to crash the QEMU instance, resulting in a denial-of-service condition. Due to the nature of this issue, code execution may be possible but this has not been confirmed.


Privacy Statement
Copyright 2010, SecurityFocus