Quick Emulator(Qemu) built with the VMWARE VMXNET3 NIC device support is vulnerable to an out-of-bounds access issue. It could occur while stripping VLAN header from 'eth_buf' buffer in receiving packets. A remote user/process could use this issue to crash Qemu process instance resulting in DoS. Note:- It requires 'VLANSTRIP' feature is enabled on the vmxnet3 device. Upstream patch: --------------- -> https://lists.nongnu.org/archive/html/qemu-devel/2017-02/msg03527.html Reference: ---------- -> http://www.openwall.com/lists/oss-security/2017/02/17/2
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1423359]