Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 05 Jul 2013 13:03:39 -0700
From: Oracle Security Alerts <>
CC:, Raphael Geissert <>,
Subject: Re: Possible CVE request: virtualbox virtio-net host

Hash: SHA1

Hi Kurt,

On 7/5/13 12:22 PM, Kurt Seifried wrote:
> On 07/05/2013 04:13 AM, Raphael Geissert wrote:
>> Hi,
>> Quoting [1]:
>>> I have discovered a problem with virtio-net that leads to a 
>>> lockup of the host machine's kernel and the need for a hard
>>> reset to make it working again.
>> The bug is said to be worked around in version 4.2.14 and really 
>> fixed in 4.2.16, but the changelog of either version doesn't 
>> reference that ticket.
>> Rumors say that virtualbox makes the host randomly hang, but
>> since there is an actual bug report and confirmation from
>> upstream this time I guess a CVE id should be assigned.
>> [1] [2] 
>> [3] 
>> Cheers, -- Raphael Geissert - Debian Developer - 
> Oracle is a CNA so they should handle this:
> CC'ing them. Can you guys assign one quickly so this can be
> properly tracked? Thanks!

Please use CVE-2013-3792 to track this issue.

- -Ritwik Ghoshal

- --
Best Regards,

Oracle Security Alerts
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools -
Comment: Using GnuPG with Thunderbird -


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.