Quick Emulator(Qemu) built with the AMD PC-Net II emulator support is vulnerable to an infinite loop issue. It could occur while receiving packets via pcnet_receive(). A privileged user/process inside guest could use this issue to crash the Qemu process on the host leading to DoS. Upstream patch -------------- -> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg07942.html
Acknowledgments: Name: Li Qiang (Qihoo 360 Inc.)
Created attachment 1149665 [details] GDB report
Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1381196]
CVE assignment: http://seclists.org/oss-sec/2016/q4/12
commit 34e29ce754c02bb6b3bdd244fbb85033460feaff Author: Prasad J Pandit <pjp> Date: Fri Sep 30 00:27:33 2016 +0530 net: pcnet: check rx/tx descriptor ring length
*** Bug 1329596 has been marked as a duplicate of this bug. ***