Date: Mon, 31 May 2021 18:40:04 +0200
From: Mauro Matteo Cascella <mcascell@...hat.com>
To: oss-security@...ts.openwall.com
Cc: Li Qiang <liq3ea@...il.com>
Subject: QEMU: security issues in vhost-user-gpu

Hello,

Multiple security issues were identified in the virtio vhost-user GPU
device (vhost-user-gpu) of QEMU. A malicious guest could use these
flaws to leak memory from the host system or potentially crash the
QEMU process on the host, resulting in a denial of service condition.

Patch series:
https://lists.nongnu.org/archive/html/qemu-devel/2021-05/msg04536.html

The following CVEs have been assigned by Red Hat, Inc.

* CVE-2021-3544 - combined CVE for multiple memory leaks
   Upstream commits:
   https://gitlab.com/qemu-project/qemu/-/commit/86dd8fac
   https://gitlab.com/qemu-project/qemu/-/commit/b9f79858
   https://gitlab.com/qemu-project/qemu/-/commit/b7afebcf
   https://gitlab.com/qemu-project/qemu/-/commit/f6091d86
   https://gitlab.com/qemu-project/qemu/-/commit/63736af5

* CVE-2021-3545 - information disclosure due to uninitialized memory read
   Upstream commit:
   https://gitlab.com/qemu-project/qemu/-/commit/121841b2

* CVE-2021-3546 - oob write while processing VIRTIO_GPU_CMD_GET_CAPSET
   Upstream commit:
   https://gitlab.com/qemu-project/qemu/-/commit/9f22893a

Acknowledgements: Li Qiang of Tianchen Security Lab (Ant Group).

Thank you,
Best regards.
-- 
Mauro Matteo Cascella
Red Hat Product Security
PGP-Key ID: BB3410B0
