eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. (CVE-2020-27617)
Impact
BIG-IP
This flaw allows a guest user to cause the QEMU process on the host to stop responding, resulting in a denial of service (DoS).
This affects all BIG-IP platforms with Virtual Clustered Multiprocessing (vCMP) enabled. For more information on vCMP platforms, refer to K14088: vCMP host and compatible guest version matrix
CPE | Name | Operator | Version |
---|---|---|---|
big-ip aam | eq | 11.6.1 | |
big-ip aam | eq | 11.6.2 | |
big-ip aam | eq | 11.6.3 | |
big-ip aam | eq | 11.6.4 | |
big-ip aam | eq | 11.6.5 | |
big-ip aam | eq | 12.1.0 | |
big-ip aam | eq | 12.1.1 | |
big-ip aam | eq | 12.1.2 | |
big-ip aam | eq | 12.1.3 | |
big-ip aam | eq | 12.1.4 |