Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 10 Sep 2017 21:54:31 +0200
From: Salvatore Bonaccorso <>
Cc: David Buchanan <>, Michael Tokarev <>
Subject: Re: CVE-2017-13673 Qemu: vga: reachable assert
 failure during during display update


On Wed, Aug 30, 2017 at 03:34:51PM +0530, P J P wrote:
>   Hello,
> Quick emulator(Qemu) built with the VGA display emulator support is
> vulnerable to an assert failure issue. It could occur while updating
> graphics display, due to miscalculating region for dirty bitmap snapshot in
> split screen mode.
> A privileged user/process inside guest could use this flaw to crash the Qemu
> process on the host resulting in DoS.
> Upstream patch:
> ---------------
>   ->
> Reference:
> ----------
>   ->
> This issue was reported by David Buchanan.

Can you clarify the affected versions? I noticed while looking at the
above, that MITRE description mentions "Qemu 2.8.0 through 2.9.0". I
perfectly realize those does not come from the above.  As far as I can
see, e.g. cpu_physical_memory_snapshot_get_dirty was only introduced
in v2.10.0-rc0. The upstream commit associated with the above issue

which fixes;a=commit;h=fec5e8c92becad223df9d972770522f64aafdb72

introducing the use of dirty bitmap snapshots in vga_draw_graphic().

Do I miss something makeing it affecting as well earlier versions than

Regards and thanks already for your help,

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.