Date: Mon, 14 Dec 2015 12:16:50 +0530 (IST) From: P J P <ppandit@...hat.com> To: oss security list <oss-security@...ts.openwall.com> cc: Qinghao Tang <luodalongde@...il.com> Subject: CVE-2015-7549 Qemu: pci: msi-x: null pointer dereference issue Hello, Qemu emulator built with the PCI MSI-X support is vulnerable to null pointer dereference issue. It occurs when the controller attempts to write to the pending bit array(PBA) memory region. Because the MSI-X MMIO support did not define the .write method. A privileges used inside guest could use this flaw to crash the Qemu process resulting in DoS issue. Upstream fix: ------------- -> http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285 CVE-2015-7549 has been assigned to this issue by Red Hat Inc. This issue was reported by Qinghao Tang of QIHU 360 Marvel Team. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ