Vulnerabilities > CVE-2020-28916 - Infinite Loop vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
qemu
debian
CWE-835
NVD
Published: 2020-12-04
Updated: 2022-09-30

Summary

hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.

Vulnerable Configurations

Part Description Count
Application
Qemu
1
OS
Debian
2

Common Weakness Enumeration (CWE)

References