Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 18 Sep 2015 15:11:09 -0400 (EDT)
From: cve-assign@...re.org
To: ppandit@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, jasowang@...hat.com
Subject: Re: CVE request Qemu: net: virtio-net possible remote DoS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Qemu emulator built with the Virtual Network Device(virtio-net) support is
> vulnerable to a DoS issue. It could occur while receiving large packets over
> the tuntap/macvtap interfaces and when guest's virtio-net driver did not
> support big/mergeable receive buffers.
> 
> An attacker on the local network could use this flaw to disable guest's
> networking by sending a large number of jumbo frames to the guest, exhausting
> all receive buffers and thus leading to a DoS situation.
> 
> https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04729.html
> https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04730.html
> https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg04731.html

> When packet is truncated during receiving, we drop the packets but
> neither discard the descriptor nor add and signal used
> descriptor. This will lead several issues:
> 
> - sg mappings are leaked
> - rx will be stalled if a lots of packets were truncated

Use CVE-2015-7295.

As far as we can tell, "sg mappings are leaked" and "rx will be
stalled" aren't independent problems.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJV/GCUAAoJEL54rhJi8gl5CR0P/3W08SnlO7UG5romkJRFhZUX
MMmoucggrWMmrY1hGq11cODk5DmD53R0WDg5Eu+XfEwEyryHpTk034kJUub3yLOM
ylj+ZatLRWpRw2qofMSyI7wfJHOWbi6XjfzVPsMX1biub1ncIMnt3DYngXlKj4H5
leXdQDbcatxUvuSe7wYwxiFEVsLi0tS9EdlFmjxgQ63iOGqZXI6TL/pkvAeOPx4C
OIbxd2lAfyjtSxPo9NOXoXzlOxSoBm7n1KTD+nwOIVxlkbLQfh63lIycJ6dH717u
nuq1p7Hgd+KwkG6aqjD7iy+B0NLuS1oJj3Yl9P2bxlLjXf3qqieaOjk4AeZoMNXZ
zMx0f8ejWFgO0IP/kknslYcRnV6vvP+bBSmdCDwJZPi/ov82yVtRfIt3CLJ3rifP
Ms3/0sb58x5PITjYurioOJxDSpmXClRgUpahnCKBQijyNyLQF5tih0FSJ7RRqZub
/6cgwOvY6TIJJklZ9I4j/xn2VFbFwkf0ShqWzBIr2QZ3I5zNuwuGNGLE0Z/nGgf/
Pds9nDggKCHEPy96xsnfevbdGwIkNofRpTWwCRe1Qyy4KfM6t8mZ2vL4kjB+8Ngp
vDpulZkDVaLB7FvZ9Gb3SWICeLt2rMq8nQy3vJGKtss8zI2dcwJ6a0H/EP+cVaD8
nPCVm7dzeyUY84OY6uyN
=pwm1
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ