oss-sec mailing list archives
Re: CVE request Qemu: display: virtio-gpu: out of bounds read in virtio_gpu_set_scanout
From: <cve-assign () mitre org>
Date: Thu, 22 Dec 2016 18:59:21 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Quick Emulator(Qemu) built with the Virtio GPU Device emulator support is vulnerable to an OOB read issue. It could occur while processing 'VIRTIO_GPU_CMD_SET_SCANOUT:' command. A guest user/process could use this flaw to crash the Qemu process instance resulting in Dos. http://git.qemu.org/?p=qemu.git;a=commit;h=acfc4846508a02cc4c83aa27799fd7 http://git.qemu.org/?p=qemu.git;a=commit;h=2fe760554eb3769d70f608a158474f
The scanout id should not be above the configured num_scanouts.
Use CVE-2016-10029. - -- CVE Assignment Team M/S M300, 202 Burlington Road, Bedford, MA 01730 USA [ A PGP key is available for encrypted communications at http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJYXGfnAAoJEHb/MwWLVhi2XawP/jE9QxYK30gG1aMK8peEuX3a b59gBHobECBcTLX2A8NUXN7/C5fIUhOUwiAj00sHEZjyZkJA8NONIfC3ussRlrkU GfFnFnYT6h5mprlh9EGaiXjENCGxWFYTZ1PeAieGpJV4VPWDzGr49L7p8lleLKS5 arhNsgBXnJO/H6Wlk2JGlZRQAR6B+0rmhrpvQzZz0ry711f3sdkJ0bPIqPr3SrMS SBlARTOYKueTenW3z/o3U1YxKUx/y9/pkXbaEcRueGuUfCDQ7VEone4VzuqQG7Wo AJvkLoPX81TMShec4A9AKjMOohtDlDpnMB5afCHL8940u05BVLBk9n8Nw7hZbXZ+ oETpGdXAVtXnJodBwfvY/tWQ5mJIkcCXNJefGEw1a0xM1JmGbYnfXCrqNEBJKboJ UAmL1wx6k4XZ698/akQupRkIIsSsEi3pwuK+3RBnHtbmkRiKVyiA0oRWyLFvas7u 1Ij+iYb8xPGFdgAF/CuGvhkqsNWuZJIK0J8Qgxq7Tobt/EPdU86yt3cY4BjRBLr4 VVOt9hjJKoUiIyszmeuwEK10G9UxqSu9RqK6siAOj+hEJCoMeqWx9Cdi2QgUaRwX saqhI5Y0pvcxccU/BN6spVWzRMpCp49D8t610pCEfLQE18mp+BqRAsPAN39j9RXZ V9XNIsxkhbOaBh0BwUqV =8Vzd -----END PGP SIGNATURE-----
Current thread:
- CVE request Qemu: display: virtio-gpu: out of bounds read in virtio_gpu_set_scanout P J P (Dec 20)
- Re: CVE request Qemu: display: virtio-gpu: out of bounds read in virtio_gpu_set_scanout cve-assign (Dec 22)