Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 14 Dec 2015 12:16:50 +0530 (IST)
From: P J P <>
To: oss security list <>
cc: Qinghao Tang <>
Subject: CVE-2015-7549 Qemu: pci: msi-x: null pointer dereference issue


Qemu emulator built with the PCI MSI-X support is vulnerable to null pointer 
dereference issue. It occurs when the controller attempts to write to the 
pending bit array(PBA) memory region. Because the MSI-X MMIO support did not 
define the .write method.

A privileges used inside guest could use this flaw to crash the Qemu process 
resulting in DoS issue.

Upstream fix:

CVE-2015-7549 has been assigned to this issue by Red Hat Inc.

This issue was reported by Qinghao Tang of QIHU 360 Marvel Team.

Thank you.
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ