Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-zmns-hhw6-wkar
Vulnerability ID VCID-zmns-hhw6-wkar
Aliases CVE-2012-6075
Summary qemu (e1000 device driver): Buffer overflow when processing large packets
Status Published
Exploitability 0.5
Weighted Severity 8.4
Risk 4.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
System Score Found at
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
epss 0.07525 https://api.first.org/data/v1/epss?cve=CVE-2012-6075
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2012-6075
Reference id Reference type URL
http://git.qemu.org/?p=qemu.git%3Ba=commitdiff%3Bh=b0d9ffcd0251161c7c92f94804dcf599dfa3edeb
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097541.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097575.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097705.html
http://lists.nongnu.org/archive/html/qemu-devel/2012-12/msg00533.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html
http://lists.opensuse.org/opensuse-updates/2013-04/msg00051.html
http://lists.opensuse.org/opensuse-updates/2013-04/msg00052.html
http://rhn.redhat.com/errata/RHSA-2013-0599.html
http://rhn.redhat.com/errata/RHSA-2013-0608.html
http://rhn.redhat.com/errata/RHSA-2013-0609.html
http://rhn.redhat.com/errata/RHSA-2013-0610.html
http://rhn.redhat.com/errata/RHSA-2013-0639.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6075.json
https://api.first.org/data/v1/epss?cve=CVE-2012-6075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6075
http://secunia.com/advisories/55082
http://security.gentoo.org/glsa/glsa-201309-24.xml
http://www.debian.org/security/2013/dsa-2607
http://www.debian.org/security/2013/dsa-2608
http://www.debian.org/security/2013/dsa-2619
http://www.openwall.com/lists/oss-security/2012/12/30/1
http://www.securityfocus.com/bid/57420
http://www.ubuntu.com/usn/USN-1692-1
696051 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696051
889301 https://bugzilla.redhat.com/show_bug.cgi?id=889301
cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:3.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
CVE-2012-6075 https://nvd.nist.gov/vuln/detail/CVE-2012-6075
GLSA-201309-24 https://security.gentoo.org/glsa/201309-24
RHSA-2013:0599 https://access.redhat.com/errata/RHSA-2013:0599
RHSA-2013:0608 https://access.redhat.com/errata/RHSA-2013:0608
RHSA-2013:0609 https://access.redhat.com/errata/RHSA-2013:0609
RHSA-2013:0610 https://access.redhat.com/errata/RHSA-2013:0610
RHSA-2013:0636 https://access.redhat.com/errata/RHSA-2013:0636
RHSA-2013:0639 https://access.redhat.com/errata/RHSA-2013:0639
USN-1692-1 https://usn.ubuntu.com/1692-1/
XSA-41 https://xenbits.xen.org/xsa/advisory-41.html
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2012-6075
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.91769
EPSS Score 0.07525
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T12:37:46.920693+00:00 Xen Importer Import https://xenbits.xen.org/xsa/advisory-41.html 38.0.0