Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun,  6 Mar 2016 21:59:38 -0500 (EST)
From: cve-assign@...re.org
To: ppandit@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com, liuling-it@....cn
Subject: Re: CVE request Qemu: net: out of bounds read in net_checksum_calculate

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Qemu emulator built with the IP checksum routines is vulnerable to an OOB read
> access issue. It could occur while computing checksum for TCP/UDP packets, as
> the function uses payload length from the packet without checking against the
> data buffer size.
> 
> A user inside guest could use this flaw to read excessive bytes or crash the
> Qemu process resulting in DoS.
> 
> https://lists.gnu.org/archive/html/qemu-devel/2016-03/msg00671.html
> https://bugzilla.redhat.com/show_bug.cgi?id=1296567

Use CVE-2016-2857.

This is not yet available at
http://git.qemu.org/?p=qemu.git;a=history;f=net/checksum.c but
that may be an expected place for a later update.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJW3O3wAAoJEL54rhJi8gl56hUP/RyxPOoTlX09iR6D5mvAkzdX
OZSZuybX3W9X4kkZj4+TXUEAQxEBY7AN1j2QY3uPwb9N9QVXUF827vy+WLiXV0SG
dIYHazeMKeGd5fLthf/DI1PFXxtezOkPkBmE33jlX8bn5O9zpcoSATSl8HKqQQCh
iMdgOf1q1Y7rzz+qQrCbXZTKk7R9j5Q3hLkX8TaMlhdo9sUZwAaxiEuRIbGeuqds
7Id2nu1wfeOy4tptpEzfSYp6d8E9t2VHpnNnL3U5iFrdwc6SnKuKu0okwEIpnHJ3
mDb2FH2SPj2SWO4rdsJh/9WIzL6IvfELwq2tLp5aAsIDIsEgF68/0eawGID9wBDL
+Am7yUyqvogKrFfWYRNo74adbRRsO5Jzda8+MMFvuCGctIHRZCXUSNd7GOHCdkia
FMB7pcfAAZN/GPfAdVHpEZfk4aZqmy3iF28z7kOhFSalw74QQXTbAcoZiybyOJmh
ADcEnIoDfvWhxUG3DBocf05a+5Pp1qLNbvYl9NzBEDkNJxcgVQEnMr4gN/QyFXDI
At/gfwOEh3oCDN3mGvUk9d1lIDuu7yARXVcAPsrePHbpB9bmFLEgQRw0SCg+ezFe
QgdYHQ2dquUBcuTcIrT5wDVGgKNwuCyf+h3PZwMXhIFEcTZJyQgldfJXXiXHfpX+
Ggfm4NI0fXZ8NtgMHo2P
=ObQr
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ