Fedora Account System
Red Hat Associate
Red Hat Customer
An infinite loop issue was found in the e1000 NIC emulator of the QEMU. It occurs while processing transmit (tx) descriptors in process_tx_desc, if various descriptor fields are initialised with invalid values. A guest may use this flaw to consume cpu cycles on the host resulting in DoS scenario. Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg03595.html
Created xen tracking bugs for this issue: Affects: fedora-all [bug 1930089]
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1930094]
Acknowledgments: Name: Alexander Bulekov, Cheolwoo Myung (Seoul National University), Sergej Schumilo (Ruhr-University Bochum), Cornelius Aschermann (Ruhr-University Bochum), Simon Werner (Ruhr-University Bochum)
Statement: This issue affects the version of the qemu-kvm package shipped with Red Hat Enterprise Linux 6, 7 and 8. Future qemu-kvm package updates for Red Hat Enterprise Linux 7 and 8 may address this issue. This issue has been rated as having Low security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5 and 6. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
External References: https://www.openwall.com/lists/oss-security/2021/02/25/2
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:5238 https://access.redhat.com/errata/RHSA-2021:5238
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-20257
This issue has been addressed in the following products: Advanced Virtualization for RHEL 8.5.0.Z Via RHSA-2022:0081 https://access.redhat.com/errata/RHSA-2022:0081