FreeBSD : qemu -- denial of service vulnerability in virtio-net support (42cbd1e8-b152-11e5-9728-002590263bf5)
Medium Nessus Plugin ID 87692
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionPrasad J Pandit, Red Hat Product Security Team, reports :
Qemu emulator built with the Virtual Network Device(virtio-net) support is vulnerable to a DoS issue. It could occur while receiving large packets over the tuntap/macvtap interfaces and when guest's virtio-net driver did not support big/mergeable receive buffers.
An attacker on the local network could use this flaw to disable guest's networking by sending a large number of jumbo frames to the guest, exhausting all receive buffers and thus leading to a DoS situation.
SolutionUpdate the affected packages.