Integer Overflow Vulnerability in Qemu Emulator's NE2000 NIC Emulation

Integer Overflow Vulnerability in Qemu Emulator's NE2000 NIC Emulation

CVE-2018-10839 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.

Learn more about our Network Penetration Testing.