Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2012-0029 | First vendor Publication | 2012-01-27 |
Vendor | Cve | Last vendor Modification | 2023-02-13 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:A/AC:M/Au:S/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.4 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 4.4 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0029 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:14929 | |||
Oval ID: | oval:org.mitre.oval:def:14929 | ||
Title: | DSA-2396-1 qemu-kvm -- buffer underflow | ||
Description: | Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of KVM, a solution for full virtualization on x86 hardware, which could result in denial of service or privilege escalation. This update also fixes a guest-triggerable memory corruption in VNC handling. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2396-1 CVE-2012-0029 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15011 | |||
Oval ID: | oval:org.mitre.oval:def:15011 | ||
Title: | USN-1339-1 -- QEMU vulnerability | ||
Description: | qemu-kvm: Machine emulator and virtualizer A remote attacker could cause QEMU to crash. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-1339-1 CVE-2012-0029 | Version: | 5 |
Platform(s): | Ubuntu 11.04 Ubuntu 11.10 Ubuntu 10.04 Ubuntu 10.10 | Product(s): | QEMU |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15404 | |||
Oval ID: | oval:org.mitre.oval:def:15404 | ||
Title: | DSA-2404-1 xen-qemu-dm-4.0 -- buffer overflow | ||
Description: | Nicolae Mogoraenu discovered a heap overflow in the emulated e1000e network interface card of QEMU, which is used in the xen-qemu-dm-4.0 packages. This vulnerability might enable to malicious guest systems to crash the host system or escalate their privileges. The old stable distribution does not contain the xen-qemu-dm-4.0 package. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-2404-1 CVE-2012-0029 | Version: | 5 |
Platform(s): | Debian GNU/Linux 6.0 Debian GNU/kFreeBSD 6.0 | Product(s): | xen-qemu-dm-4.0 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:20784 | |||
Oval ID: | oval:org.mitre.oval:def:20784 | ||
Title: | RHSA-2012:0051: kvm security update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0051-01 CESA-2012:0051 CVE-2011-4622 CVE-2012-0029 | Version: | 29 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21188 | |||
Oval ID: | oval:org.mitre.oval:def:21188 | ||
Title: | RHSA-2012:0050: qemu-kvm security, bug fix, and enhancement update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0050-01 CESA-2012:0050 CVE-2012-0029 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21269 | |||
Oval ID: | oval:org.mitre.oval:def:21269 | ||
Title: | RHSA-2012:0370: xen security and bug fix update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:0370-01 CVE-2012-0029 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22829 | |||
Oval ID: | oval:org.mitre.oval:def:22829 | ||
Title: | ELSA-2012:0370: xen security and bug fix update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0370-01 CVE-2012-0029 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23102 | |||
Oval ID: | oval:org.mitre.oval:def:23102 | ||
Title: | ELSA-2012:0051: kvm security update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0051-01 CVE-2011-4622 CVE-2012-0029 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23839 | |||
Oval ID: | oval:org.mitre.oval:def:23839 | ||
Title: | ELSA-2012:0050: qemu-kvm security, bug fix, and enhancement update (Important) | ||
Description: | Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via crafted legacy mode packets. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0050-01 CVE-2012-0029 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27871 | |||
Oval ID: | oval:org.mitre.oval:def:27871 | ||
Title: | DEPRECATED: ELSA-2012-0050 -- qemu-kvm security, bug fix, and enhancement update (important) | ||
Description: | [qemu-kvm-0.12.1.2-2.209.el6_2.4] - kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772081] - Resolves: bz#772081 (EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-6.2.z]) [qemu-kvm-0.12.1.2-2.209.el6_2.3] - kvm-Revert-virtio-blk-refuse-SG_IO-requests-with-scsi-of.patch [for bz#767721] - kvm-virtio-blk-refuse-SG_IO-requests-with-scsi-off-v2.patch [bz#767721] - CVE: CVE-2011-4127 - Resolves: bz#767721 (qemu-kvm: virtio-blk: refuse SG_IO requests with scsi=off (CVE-2011-4127 mitigation) [rhel-6.2.z]) [qemu-kvm-0.12.1.2-2.209.el6_2.2] - kvm-virtio-blk-refuse-SG_IO-requests-with-scsi-off.patch [bz#752375] - CVE: CVE-2011-4127 - Resolves: bz#767721 (EMBARGOED qemu-kvm: virtio-blk: refuse SG_IO requests with scsi=off (CVE-2011-4127 mitigation) [rhel-6.3]) - Resolves: bz#767906 (qemu-kvm should be built with full relro and PIE support) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0050 CVE-2012-0029 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | qemu-kvm |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27905 | |||
Oval ID: | oval:org.mitre.oval:def:27905 | ||
Title: | DEPRECATED: ELSA-2012-0370 -- xen security and bug fix update (important) | ||
Description: | [3.0.3-135.el5_8.2] - Fix broken timestamp log (rhbz 797836) [3.0.3-135.el5_8.1] - qemu-dm/e1000: bounds packet size against buffer size (rhbz 786862) - Use correct expansion in xen-network-common.sh (rhbz 797191) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-0370 CVE-2012-0029 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | xen |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2012-12-18 | Name : Fedora Update for xen FEDORA-2012-19828 File : nvt/gb_fedora_2012_19828_xen_fc16.nasl |
2012-11-23 | Name : Fedora Update for xen FEDORA-2012-18249 File : nvt/gb_fedora_2012_18249_xen_fc16.nasl |
2012-11-15 | Name : Fedora Update for xen FEDORA-2012-17408 File : nvt/gb_fedora_2012_17408_xen_fc16.nasl |
2012-10-22 | Name : Gentoo Security Advisory GLSA 201210-04 (ebuild) File : nvt/glsa_201210_04.nasl |
2012-10-19 | Name : Fedora Update for qemu FEDORA-2012-15606 File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl |
2012-09-22 | Name : Fedora Update for xen FEDORA-2012-13443 File : nvt/gb_fedora_2012_13443_xen_fc16.nasl |
2012-08-24 | Name : Fedora Update for xen FEDORA-2012-11785 File : nvt/gb_fedora_2012_11785_xen_fc16.nasl |
2012-08-14 | Name : Fedora Update for qemu FEDORA-2012-11305 File : nvt/gb_fedora_2012_11305_qemu_fc16.nasl |
2012-08-06 | Name : Fedora Update for xen FEDORA-2012-11190 File : nvt/gb_fedora_2012_11190_xen_fc16.nasl |
2012-07-30 | Name : CentOS Update for kmod-kvm CESA-2012:0051 centos5 File : nvt/gb_CESA-2012_0051_kmod-kvm_centos5.nasl |
2012-07-30 | Name : CentOS Update for qemu-img CESA-2012:0050 centos6 File : nvt/gb_CESA-2012_0050_qemu-img_centos6.nasl |
2012-07-09 | Name : RedHat Update for qemu-kvm RHSA-2012:0050-01 File : nvt/gb_RHSA-2012_0050-01_qemu-kvm.nasl |
2012-06-28 | Name : Fedora Update for xen FEDORA-2012-9430 File : nvt/gb_fedora_2012_9430_xen_fc15.nasl |
2012-06-28 | Name : Fedora Update for xen FEDORA-2012-9399 File : nvt/gb_fedora_2012_9399_xen_fc16.nasl |
2012-06-08 | Name : Fedora Update for qemu FEDORA-2012-8592 File : nvt/gb_fedora_2012_8592_qemu_fc16.nasl |
2012-06-08 | Name : Fedora Update for qemu FEDORA-2012-8604 File : nvt/gb_fedora_2012_8604_qemu_fc15.nasl |
2012-04-02 | Name : Fedora Update for xen FEDORA-2012-1375 File : nvt/gb_fedora_2012_1375_xen_fc16.nasl |
2012-03-09 | Name : RedHat Update for xen RHSA-2012:0370-01 File : nvt/gb_RHSA-2012_0370-01_xen.nasl |
2012-02-21 | Name : Fedora Update for xen FEDORA-2012-1539 File : nvt/gb_fedora_2012_1539_xen_fc15.nasl |
2012-02-12 | Name : Debian Security Advisory DSA 2404-1 (xen-qemu-dm-4.0) File : nvt/deb_2404_1.nasl |
2012-02-11 | Name : Debian Security Advisory DSA 2396-1 (qemu-kvm) File : nvt/deb_2396_1.nasl |
2012-01-25 | Name : Ubuntu Update for qemu-kvm USN-1339-1 File : nvt/gb_ubuntu_USN_1339_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
78506 | Qemu hw/e1000.c process_tx_desc() Function DMA Request Legacy Packet Packet L... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-06-12 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2015-0068.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0168.nasl - Type : ACT_GATHER_INFO |
2014-11-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0109.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_qemu-120207.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_libvirt-120208.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_4_kvm-120124.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-84.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-404.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-243.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0050.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0051.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-0370.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0050.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0051.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201210-04.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120123_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120307_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-06-08 | Name : The remote Fedora host is missing a security update. File : fedora_2012-8604.nasl - Type : ACT_GATHER_INFO |
2012-06-08 | Name : The remote Fedora host is missing a security update. File : fedora_2012-8592.nasl - Type : ACT_GATHER_INFO |
2012-03-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201202-120209.nasl - Type : ACT_GATHER_INFO |
2012-03-20 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_xen-201202-120210.nasl - Type : ACT_GATHER_INFO |
2012-03-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-0370.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1539.nasl - Type : ACT_GATHER_INFO |
2012-02-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-1375.nasl - Type : ACT_GATHER_INFO |
2012-02-06 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2404.nasl - Type : ACT_GATHER_INFO |
2012-01-31 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2396.nasl - Type : ACT_GATHER_INFO |
2012-01-30 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_kvm-120116.nasl - Type : ACT_GATHER_INFO |
2012-01-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0050.nasl - Type : ACT_GATHER_INFO |
2012-01-25 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-0051.nasl - Type : ACT_GATHER_INFO |
2012-01-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1339-1.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2023-02-13 05:28:34 |
|
2023-02-02 21:28:47 |
|
2021-05-04 12:18:55 |
|
2021-04-22 01:22:39 |
|
2020-05-23 00:32:33 |
|
2017-08-29 09:23:39 |
|
2016-04-26 21:22:44 |
|
2015-06-13 13:27:42 |
|
2014-11-18 13:25:59 |
|
2014-06-14 13:32:04 |
|
2014-03-06 13:21:58 |
|
2014-02-17 11:06:48 |
|
2013-05-10 22:30:53 |
|
2013-04-19 13:19:59 |
|
2013-01-04 13:19:06 |
|