Qemu · Qemu · CVE-2020-28916
**Name of the Vulnerable Software and Affected Versions**
QEMU version 5.0.0
**Description**
The issue is related to an infinite loop in the hw/net/e1000e core.c component of the QEMU emulator. This loop can be triggered via an RX descriptor with a NULL buffer address, potentially allowing an attacker to cause a denial of service.
**Recommendations**
For QEMU version 5.0.0, consider disabling the `hw/net/e1000e core.c` component as a temporary workaround until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.