CVE-2020-28916 QEMU: e1000e: infinite loop scenario in case of null packet descriptor

[P J P <ppandit () redhat com>]

  Hello,

An infinite loop issue was found in the e1000e device emulator in QEMU. The 
issue could occur while receiving packets via e1000e_write_packet_to_guest() 
routine, if the receive(RX) descriptor has NULL buffer address. A privileged 
guest user may use this flaw to induce a DoS scenario on the host.

Upstream patch:
---------------
  -> https://lists.nongnu.org/archive/html/qemu-devel/2020-11/msg03185.html

This issue was reported by Cheol-woo Myung.

CVE-2020-28916 assigned via -> https://cveform.mitre.org/

Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
8685 545E B54C 486B C6EB 271E E285 8B5A F050 DE8D