Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 21 Dec 2015 23:53:41 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
cc: Qinghao Tang <luodalongde@...il.com>
Subject: CVE request: Qemu: scsi: stack based buffer overflow in
 megasas_ctrl_get_info

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

   Hello,

Qemu emulator built with the SCSI MegaRAID SAS HBA emulation support is 
vulnerable to a stack buffer overflow issue. It occurs while processing the 
SCSI controller's CTRL_GET_INFO command. A privileged guest user could use 
this flaw to crash the Qemu process instance resulting in DoS.

Upstream patch:
- ---------------
   -> https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg03737.html

Reference:
- ----------
   -> https://bugzilla.redhat.com/show_bug.cgi?id=1284008

This issue was discovered by Mr Qinghao Tang of Qihoo 360 Inc.

Thank you.
- --
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJWeEOtAAoJEN0TPTL+WwQfobUQALM8V93og7NcHj15LiRqXKOD
UnisLDqo2VeX0MmEHaQ5sYmoJbvYEDebGAqnqfYSfw5LkmfUVfKgzGkIFdywpNva
e80b/k3QLvuDJNiZMWGHzNe5fQUzW2faV07zGag1Bw8RsFvjv72Hq+T0Il9InJHE
9EvcP9LdO4U0Ztqj0ATr5HeejDg09lKIEjwdA9h1UZJp89BghS1+QlFLUstRUtx2
28h24bYL/NMjwpjd4UBU3Fdgn2S3NpC/AsmngVfuTaUtZ6XIORnMHLpvrTvbEjDD
XV864kQbq7KEe1RF8htrBp13n0ugZ63ThHTE46ISiwuHXF9YIG49Eugig98IIrXw
zdMgWlPnh5/fem+hzryx1CpMHu4GePbRdwrjC4ydciTHVoNO1ZqNjj57bsoj3Oiy
rjHraGA6ZkU8hYnNUknXCCY5AN/sBUj/+rU05tE7qmZ0HTJkgNwcuCGX3w6CjhVu
cfbmfOJH1v+dTqCnjTTtRG1fKCVy8webaiNegHqEl+wi21SU23BYmw2mHkOfbPvo
lntNUopd/e+GR6uCSUKdqwofkCzVhc3iisRqwS88dPK1qh5wcZaGfi1+gJAemYaR
qbSA7SJzUemjiJM3ShhnRsXAsSkqsromSEuVh2GuW5RSa2v+WFRS+A5upRXwAaqN
QXM1s/NRQTFIEfxDQcqL
=W+H1
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ