Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 16 Jan 2016 11:21:24 +0530 (IST)
From: P J P <ppandit@...hat.com>
To: oss security list <oss-security@...ts.openwall.com>
cc: Ling Liu <liuling-it@....cn>
Subject: CVE request Qemu: i386: null pointer dereference in vapic_write

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

    Hello,

Qemu emulator built with the TPR optimization for 32-bit Windows guests 
support is vulnerable to a null pointer dereference flaw. It occurs while 
doing I/O port write operations via hmp interface. In that, 'current_cpu' 
remains null, which leads to the null pointer dereference.

A user/process could use this flaw to crash the Qemu instance, resulting in 
DoS issue.

Upstream patch:
- ---------------
   -> https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg02812.html

Reference:
- ----------
   -> https://bugzilla.redhat.com/show_bug.cgi?id=1283934

This issue was discovered by Mr Ling Liu of Qihoo 360 Inc.

Thank you.
- --
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJWmdpcAAoJEN0TPTL+WwQfQFgP/R+7d+gu6FI/vnMOm5GkIrT6
r4Are28blvOv3rpiFBVhZdZnguM6AnVcxUw0bDFqXx4VRWRr+1efP3NmLHP+WkBm
UA7Kx5PPvqboB2eDapdFO2IOtkZj65MvfNhQIqRGNZK/Oc+87jLESE4FjcYMewPu
I496GavUhCvXmwUESVycRlvUt4MG1CLutFrV9oZ3X97P7GjOZZopO38+u6sUKOHG
k4isp4UxKQ2h4i72uLTnyVf6KvQPotD/Xsu68mLhfLDbC3yY3f2feotKTiSPozbl
mZqJq8H0Y76re2vkYCYsdyPCrrLMgENlggG+lJlRm695i6kd0/qVVfkTnKFSTBsg
adHlUBzXx65kR1HW4wkcypVCzP1uP7CWGTvH7dImOs3pw+mYFKpGxPpCc6MQQnXz
DyensHIEkJE1K4gwXhtFwh98oTGRCgkLhfllt7L8DTqQ8zbiGjZ9YB3TPKIDnXL9
+OeHmH6fxHgG6dKIlnEA9MnyzVzWjAW6niRUJngOvpPPXRc2hkeyq1pQipJzR0jR
oeqw6GeivT037UVh5gvoc2xUDA0KthLhN286O/P9eGmNXPfoK4cb7WzMswrQCFki
vF7aUrPB08VrCqNQ6B1BoIslFS1AHox6lYF+D/hS9VpwtHpGpbhN/Puw7lDt877D
etdsl05ZqHxRIZyzcrXr
=Rkz7
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ