CVE-2020-15859

Name

CVE-2020-15859

Description

QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.

NVD Severity

low

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
Mailing List	https://lists.gnu.org/archive/html/qemu-devel/2020-07/msg05304.html
Mailing List	https://www.openwall.com/lists/oss-security/2020/07/21/3
Exploit	https://bugs.launchpad.net/qemu/+bug/1886362
Mailing List	https://lists.debian.org/debian-lts-announce/2021/02/msg00024.html

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:qemu:qemu:4.2.0:::::::*`	qemu	== None	== 4.2.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
qemu	edge-community	5.0.0-r0	None	fixed
qemu	edge-community	4.2.0-r0	None	possibly vulnerable
qemu	3.22-community	5.0.0-r0	None	fixed
qemu	3.22-community	4.2.0-r0	None	possibly vulnerable
qemu	3.21-community	5.0.0-r0	None	fixed
qemu	3.20-community	5.0.0-r0	None	fixed
qemu	3.19-community	5.0.0-r0	None	fixed
qemu	3.18-community	5.0.0-r0	None	fixed
qemu	3.17-community	5.0.0-r0	None	fixed