DEBIAN-CVE-2016-1981
Advisory lineage Upstream: 1 Downstream: 3
Upstream
Downstream
Published: 29 Dec 2016, 22:59
Last modified:28 Apr 2026, 20:15
Vulnerability Summary
Overall Risk (default)
low
22/100 CVSS Score
5.5 MEDIUM
3.1 (osv_debian)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
29 Dec 2016, 22:59
Published
Vulnerability first disclosed
28 Apr 2026, 20:15
Last Modified
Vulnerability information updated
Description
QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS.
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- debian•qemu
< 1:2.5+dfsg-5 | < 1:2.5+dfsg-5 | < 1:2.5+dfsg-5 | < 1:2.5+dfsg-5