oss-sec mailing list archives
Possible CVE request: virtualbox virtio-net host DoS
From: Raphael Geissert <geissert () debian org>
Date: Fri, 5 Jul 2013 12:13:56 +0200
Hi, Quoting [1]:
I have discovered a problem with virtio-net that leads to a lockup of the host machine's kernel and the need for a hard reset to make it working again.
The bug is said to be worked around in version 4.2.14 and really fixed in 4.2.16, but the changelog of either version doesn't reference that ticket. Rumors say that virtualbox makes the host randomly hang, but since there is an actual bug report and confirmation from upstream this time I guess a CVE id should be assigned. [1] https://www.virtualbox.org/ticket/11863 [2] https://www.virtualbox.org/wiki/Changelog [3] https://secunia.com/advisories/53858/ Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- Possible CVE request: virtualbox virtio-net host DoS Raphael Geissert (Jul 05)
- Re: Possible CVE request: virtualbox virtio-net host DoS Kurt Seifried (Jul 05)
- Re: Possible CVE request: virtualbox virtio-net host DoS Oracle Security Alerts (Jul 05)
- Re: Possible CVE request: virtualbox virtio-net host DoS Kurt Seifried (Jul 05)