oss-sec mailing list archives
CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array
From: P J P <ppandit () redhat com>
Date: Tue, 18 Dec 2018 14:23:07 +0530 (IST)
Hello,An out-of-bound stack buffer r/w access issue was found in QEMU's generic RDMA back-end implementation. It could occur when a driver tries to build scatter/gather element's array in build_host_sge_array() routine.
A guest user/process could use this flaw to crash the QEMU process resulting in DoS.
Upstream patch: --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2018-12/msg02822.html This issue was reported by Saar Amar. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
Current thread:
- CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array P J P (Dec 18)
- Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array saar amar (Dec 18)
- Re: Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array Agostino Sarubbo (Dec 18)
- Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array P J P (Dec 18)
- Re: CVE-2018-20124 QEMU: rdma: OOB access when building scatter-gather array saar amar (Dec 18)