The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO).
Metrics
No CVSS v4.0
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Complete
AV:N/AC:L/Au:N/C:N/I:N/A:C
This CVE is not in the KEV list.
Key SSVC decision points have not yet been added.
Affected Vendors & Products
Vendors | Products |
---|---|
Kvm Qumranet |
|
Linux |
|
Qemu |
|
Redhat |
|
Configuration 1 [-]
AND |
|
Package | CPE | Advisory | Released Date |
---|---|---|---|
Red Hat Enterprise Linux 5 | |||
kvm-0:83-164.el5 | cpe:/a:redhat:rhel_virtualization:5 | RHSA-2010:0271 | 2010-03-29T00:00:00Z |
Red Hat Enterprise Virtualization for RHEL-5 | |||
rhev-hypervisor-0:5.5-2.2.4.2.el5rhev | cpe:/o:redhat:enterprise_linux:5::hypervisor | RHSA-2010:0476 | 2010-06-22T00:00:00Z |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2010-04-12T18:00:00
Updated: 2024-08-07T00:59:38.986Z
Reserved: 2010-02-26T00:00:00
Link: CVE-2010-0741
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-04-12T18:30:00.493
Modified: 2024-11-21T01:12:51.980
Link: CVE-2010-0741
Redhat