CVE-2015-6815

LOW

Qemu < 2.4.0.1 - Infinite Loop

Title source: rule

Description

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

References (13)

Scores

CVSS v3 3.5
EPSS 0.0225
EPSS Percentile 84.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Classification

CWE
CWE-835
Status published

Affected Products (30)

qemu/qemu < 2.4.0.1
fedoraproject/fedora
fedoraproject/fedora
fedoraproject/fedora
novell/suse_linux_enterprise_software_development_kit
novell/suse_linux_enterprise_software_development_kit
novell/suse_linux_enterprise_software_development_kit
novell/suse_linux_enterprise_debuginfo
novell/suse_linux_enterprise_debuginfo
novell/suse_linux_enterprise_desktop
novell/suse_linux_enterprise_desktop
novell/suse_linux_enterprise_desktop
novell/suse_linux_enterprise_server
novell/suse_linux_enterprise_server
novell/suse_linux_enterprise_server
... and 15 more

Timeline

Published Jan 31, 2020
Tracked Since Feb 18, 2026