Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 8 Dec 2016 01:36:58 -0500
From: <cve-assign@...re.org>
To: <ppandit@...hat.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>,
	<liq3ea@...il.com>
Subject: Re: CVE request Qemu: display: virtio-gpu: memory leakage when destroying gpu resource

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> Quick Emulator(Qemu) built with the Virtio GPU Device emulator support is
> vulnerable to a memory leakage issue. It could occur while destroying gpu
> resource object in 'virtio_gpu_resource_destroy'
> 
> A guest user/process could use this flaw to leak host memory bytes, resulting
> in DoS for a host.
> 
> https://lists.gnu.org/archive/html/qemu-devel/2016-11/msg05043.html

>> the 'iov' and 'addrs' field in resource is not freed

Use CVE-2016-9912.

This is not yet available at
http://git.qemu.org/?p=qemu.git;a=history;f=hw/display/virtio-gpu.c but
that may be an expected place for a later update.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYSPwEAAoJEHb/MwWLVhi2PNkQAJ04jluxiwMJkFYyHnxywbvq
uhCBuwqncHIs/MUMLdYrNB3NvUQm1W4DmF1iVOKpP/r4jhXbZ52cS89hEbCfFL/W
rPsr5H1tVLyUmXEroMxoyT9RJRlNlMp4FXTYCmbsZStqW+KLsXc/IiiUqfPJfw00
qo2AHZc4xMpSqYKSUPwZYN4UG4uosve1mYcmII7CTg2nTFqeFeufq6A+N8/HKpFC
dYp4fcGkM1B8V4W2FL95oWalMUmDjFGnVfXQrlSnJB1XcOEFqsebcUq7xFcE2psi
FCYkoz098xv1TIYWCwIj3Oscl/AH8SDtrXokXbtYqxbeq0mKIkaTqtLsj4CiooxY
KhuJs27nJZJZZve15r2CZ6g8poHMZH+WdSWrF4tZNlgDsOojLnrI8+vPqknfM91B
8AxAuEGPcGSFa9JHSP8EhJ7Jr1aahoL4OqJQSSesqk9PckKQREsLqS5cnMEQj+OE
mHe4a2bPj900Okq5SXnnZt1t8T8WyIzgC2rgfDuMuCfoC38NF1dRjQ8TcK0oL6r6
sK52vKKO9Rmo/JLdVkjjgvu0UZZ5c21FfhJbKROkWYE9TmNc+Kuf2f5ypk1bHzA6
A3fB5mNz2nwV95JyQgr+TVyfT1Pf0mZfl1U/gRJE0M7t3m3DYQiYXeWJ9heRKgQj
+G1h8Edu8sXg+DMskaTQ
=vdtL
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ