CVE-2010-0741

high

Published 2010-04-12 · Modified 2026-04-29

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

7.8

Description

The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel before 2.6.26, when used on a guest OS in conjunction with qemu-kvm 0.11.0 or KVM 83, allows remote attackers to cause a denial of service (guest OS crash, and an associated qemu-kvm process exit) by sending a large amount of network traffic to a TCP port on the guest OS, related to a virtio-net whitelist that includes an improper implementation of TCP Segment Offloading (TSO).

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

OS impact

Linux kernel Affected 200 releases

Version	Status	Fixed in
2.6.23.5	Affected	—
2.6.23.4	Affected	—
2.6.23.3	Affected	—
2.6.23.2	Affected	—
2.6.23.1	Affected	—
2.6.23	Affected	—
2.6.22.22	Affected	—
2.6.22.21	Affected	—
2.6.22.20	Affected	—
2.6.22.19	Affected	—
2.6.22.18	Affected	—
2.6.22.17	Affected	—
2.6.22.16	Affected	—
2.6.22.15	Affected	—
2.6.22.14	Affected	—
2.6.22.13	Affected	—
2.6.22.12	Affected	—
2.6.22.11	Affected	—
2.6.22.10	Affected	—
2.6.22.9	Affected	—
2.6.22.8	Affected	—
2.6.22.7	Affected	—
2.6.22.6	Affected	—
2.6.22.5	Affected	—
2.6.22.4	Affected	—
2.6.22.3	Affected	—
2.6.22.2	Affected	—
2.6.22.1	Affected	—
2.6.22	Affected	—
2.6.21.7	Affected	—
2.6.21.6	Affected	—
2.6.21.5	Affected	—
2.6.21.4	Affected	—
2.6.21.3	Affected	—
2.6.21.2	Affected	—
2.6.21.1	Affected	—
2.6.21	Affected	—
2.6.20.21	Affected	—
2.6.20.20	Affected	—
2.6.20.19	Affected	—
2.6.20.18	Affected	—
2.6.20.17	Affected	—
2.6.20.16	Affected	—
2.6.20.15	Affected	—
2.6.20.14	Affected	—
2.6.20.13	Affected	—
2.6.20.12	Affected	—
2.6.20.11	Affected	—
2.6.20.10	Affected	—
2.6.20.9	Affected	—
2.6.20.8	Affected	—
2.6.20.7	Affected	—
2.6.20.6	Affected	—
2.6.20.5	Affected	—
2.6.20.4	Affected	—
2.6.20.3	Affected	—
2.6.20.2	Affected	—
2.6.20.1	Affected	—
2.6.20	Affected	—
2.6.19.7	Affected	—
2.6.19.6	Affected	—
2.6.19.5	Affected	—
2.6.19.4	Affected	—
2.6.19.3	Affected	—
2.6.19.2	Affected	—
2.6.19.1	Affected	—
2.6.19	Affected	—
2.6.18.8	Affected	—
2.6.18.7	Affected	—
2.6.18.6	Affected	—
2.6.18.5	Affected	—
2.6.18.4	Affected	—
2.6.18.3	Affected	—
2.6.18.2	Affected	—
2.6.18.1	Affected	—
2.6.18	Affected	—
2.6.17.14	Affected	—
2.6.17.13	Affected	—
2.6.17.12	Affected	—
2.6.17.11	Affected	—
2.6.17.10	Affected	—
2.6.17.9	Affected	—
2.6.17.8	Affected	—
2.6.17.7	Affected	—
2.6.17.6	Affected	—
2.6.17.5	Affected	—
2.6.17.4	Affected	—
2.6.17.3	Affected	—
2.6.17.2	Affected	—
2.6.17.1	Affected	—
2.6.17	Affected	—
2.6.16.62	Affected	—
2.6.16.61	Affected	—
2.6.16.60	Affected	—
2.6.16.59	Affected	—
2.6.16.58	Affected	—
2.6.16.57	Affected	—
2.6.16.56	Affected	—
2.6.16.55	Affected	—
2.6.16.54	Affected	—
2.6.16.53	Affected	—
2.6.16.52	Affected	—
2.6.16.51	Affected	—
2.6.16.50	Affected	—
2.6.16.49	Affected	—
2.6.16.48	Affected	—
2.6.16.47	Affected	—
2.6.16.46	Affected	—
2.6.16.45	Affected	—
2.6.16.44	Affected	—
2.6.16.43	Affected	—
2.6.16.42	Affected	—
2.6.16.41	Affected	—
2.6.16.40	Affected	—
2.6.16.39	Affected	—
2.6.16.38	Affected	—
2.6.16.37	Affected	—
2.6.16.36	Affected	—
2.6.16.35	Affected	—
2.6.16.34	Affected	—
2.6.16.33	Affected	—
2.6.16.32	Affected	—
2.6.16.31	Affected	—
2.6.16.30	Affected	—
2.6.16.29	Affected	—
2.6.16.28	Affected	—
2.6.16.27	Affected	—
2.6.16.26	Affected	—
2.6.16.25	Affected	—
2.6.16.24	Affected	—
2.6.16.23	Affected	—
2.6.16.22	Affected	—
2.6.16.21	Affected	—
2.6.16.20	Affected	—
2.6.16.19	Affected	—
2.6.16.18	Affected	—
2.6.16.17	Affected	—
2.6.16.16	Affected	—
2.6.16.15	Affected	—
2.6.16.14	Affected	—
2.6.16.13	Affected	—
2.6.16.12	Affected	—
2.6.16.11	Affected	—
2.6.16.10	Affected	—
2.6.16.9	Affected	—
2.6.16.8	Affected	—
2.6.16.7	Affected	—
2.6.16.6	Affected	—
2.6.16.5	Affected	—
2.6.16.4	Affected	—
2.6.16.3	Affected	—
2.6.16.2	Affected	—
2.6.16.1	Affected	—
2.6.16	Affected	—
2.6.15.7	Affected	—
2.6.15.6	Affected	—
2.6.15.5	Affected	—
2.6.15.4	Affected	—
2.6.15.3	Affected	—
2.6.15.2	Affected	—
2.6.15.1	Affected	—
2.6.15	Affected	—
2.6.14.7	Affected	—
2.6.14.6	Affected	—
2.6.14.5	Affected	—
2.6.14.4	Affected	—
2.6.14.3	Affected	—
2.6.14.2	Affected	—
2.6.14.1	Affected	—
2.6.14	Affected	—
2.6.13.5	Affected	—
2.6.13.4	Affected	—
2.6.13.3	Affected	—
2.6.13.2	Affected	—
2.6.13.1	Affected	—
2.6.13	Affected	—
2.6.12.6	Affected	—
2.6.12.5	Affected	—
2.6.12.4	Affected	—
2.6.12.3	Affected	—
2.6.12.2	Affected	—
2.6.12.1	Affected	—
2.6.12	Affected	—
2.6.11.12	Affected	—
2.6.11.11	Affected	—
2.6.11.10	Affected	—
2.6.11.9	Affected	—
2.6.11.8	Affected	—
2.6.11.7	Affected	—
2.6.11.6	Affected	—
2.6.11.5	Affected	—
2.6.11.4	Affected	—
2.6.11.3	Affected	—
2.6.11.2	Affected	—
2.6.11.1	Affected	—
2.6.11	Affected	—
2.6.10	Affected	—
2.6.2	Affected	—
2.6.1	Affected	—
2.6.0	Affected	—

Application impact

Vendor	Product	Versions	Fixed
kvm_qumranet	kvm	`83`
qemu	qemu	`0.11.0`

References

CWEs

CWE-20

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.