Nicolae Mogoreanu

**Name of the Vulnerable Software and Affected Versions** qemu-kvm version 0.12 **Description** A heap-based buffer overflow issue exists in the process tx desc function within the e1000 emulation. This allows guest OS users to potentially cause a denial of service, leading to a QEMU crash, and possibly execute arbitrary code by sending crafted legacy mode packets. **Recommendations** For qemu-kvm version 0.12, consider disabling the e1000 emulation as a temporary workaround until a patch is available. Restrict access to the process tx desc function to minimize the risk of exploitation. Avoid using crafted legacy mode packets in the affected API endpoint until the issue is resolved.