ByteOS Network

NVD Vulnerability Details :

CVE-2016-1981

Modified

Source-secalert@redhat.com

Published At-29 Dec, 2016 | 22:59

Updated At-06 May, 2026 | 22:30

QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	2.1	LOW	AV:L/AC:L/Au:N/C:N/I:N/A:P

Type: Primary

Version: 3.1

Base score: 5.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Type: Primary

Version: 2.0

Base score: 2.1

Base severity: LOW

Vector:

AV:L/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

QEMU

>>qemu>>Versions up to 2.5.1.1(inclusive)

cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*

Debian GNU/Linux

>>debian_linux>>7.0

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Debian GNU/Linux

>>debian_linux>>8.0

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-835	Primary	nvd@nist.gov

CWE ID: CWE-835

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://rhn.redhat.com/errata/RHSA-2016-2585.html	secalert@redhat.com	Third Party Advisory
http://www.debian.org/security/2016/dsa-3469	secalert@redhat.com	Third Party Advisory
http://www.debian.org/security/2016/dsa-3470	secalert@redhat.com	Third Party Advisory
http://www.debian.org/security/2016/dsa-3471	secalert@redhat.com	Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/19/10	secalert@redhat.com	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/22/1	secalert@redhat.com	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/81549	secalert@redhat.com	Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1298570	secalert@redhat.com	Issue Tracking
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html	secalert@redhat.com	Patch Vendor Advisory
https://security.gentoo.org/glsa/201604-01	secalert@redhat.com	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2585.html	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.debian.org/security/2016/dsa-3469	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.debian.org/security/2016/dsa-3470	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.debian.org/security/2016/dsa-3471	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/19/10	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/01/22/1	af854a3a-2127-422b-91ae-364da2661108	Mailing List Third Party Advisory
http://www.securityfocus.com/bid/81549	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1298570	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
https://security.gentoo.org/glsa/201604-01	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory