Date: Sun, 10 Sep 2017 21:54:31 +0200
From: Salvatore Bonaccorso <>
Cc: David Buchanan <>, Michael Tokarev <>
Subject: Re: CVE-2017-13673 Qemu: vga: reachable assert
 failure during display update


On Wed, Aug 30, 2017 at 03:34:51PM +0530, P J P wrote:
>   Hello,
> Quick emulator(Qemu) built with the VGA display emulator support is
> vulnerable to an assert failure issue. It could occur while updating
> graphics display, due to miscalculating region for dirty bitmap snapshot in
> split screen mode.
> A privileged user/process inside guest could use this flaw to crash the Qemu
> process on the host resulting in DoS.
> Upstream patch:
> ---------------
>   ->
> Reference:
> ----------
>   ->
> This issue was reported by David Buchanan.

Can you clarify the affected versions? I noticed while looking at the
above, that the MITRE description mentions "Qemu 2.8.0 through 2.9.0". I
perfectly realize those do not come from the above.  As far as I can
see, e.g. cpu_physical_memory_snapshot_get_dirty was only introduced
in v2.10.0-rc0. The upstream commit associated with the above issue

which fixes;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72

introducing the use of dirty bitmap snapshots in vga_draw_graphic().

Do I miss something making it affect earlier versions as well than

Regards and thanks already for your help,
