CVE-2020-27617
CVE-2020-27617
eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://lists.debian.org/debian-lts-announce/2020/11/msg00047.htmlhttps://lists.debian.org/debian-lts-announce/2022/09/msg00008.htmlhttps://lists.nongnu.org/archive/html/qemu-devel/2020-10/msg05731.htmlhttps://security.netapp.com/advisory/ntap-20201202-0002/http://www.openwall.com/lists/oss-security/2020/11/02/1