DEBIAN-CVE-2020-15863

DEBIAN-CVE-2020-15863 PUBLISHED CVSS 5.300000190734863 MEDIUM

hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555.

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

Affected Products

Vendor	Product	Versions
Debian:12	qemu	0, 0, 0
Debian:11	qemu	0, 0, 0
Debian:13	qemu	0, 0, 0
Debian:14	qemu	0, 0, 0

Timeline

Jul 28, 2020 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2020-15863 advisory

Open in Interactive Console →