A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU process on the host resulting in DoS scenario.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qemu | Qemu | * | 5.2.0 (including) |
| Advanced Virtualization for RHEL 8.4.0.Z | RedHat | virt:av-8040020210922084349.522a0ee4 | * |
| Advanced Virtualization for RHEL 8.4.0.Z | RedHat | virt-devel:av-8040020210922084349.522a0ee4 | * |
| Red Hat Enterprise Linux 8 | RedHat | virt-devel:rhel-8040020210721215855.522a0ee4 | * |
| Red Hat Enterprise Linux 8 | RedHat | virt:rhel-8040020210721215855.522a0ee4 | * |
| Qemu | Ubuntu | bionic | * |
| Qemu | Ubuntu | esm-infra-legacy/trusty | * |
| Qemu | Ubuntu | esm-infra/xenial | * |
| Qemu | Ubuntu | focal | * |
| Qemu | Ubuntu | groovy | * |
| Qemu | Ubuntu | trusty | * |
| Qemu | Ubuntu | trusty/esm | * |
| Qemu | Ubuntu | xenial | * |
| Qemu-kvm | Ubuntu | precise/esm | * |