oss-sec mailing list archives
CVE request: Qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info
From: P J P <ppandit () redhat com>
Date: Mon, 21 Dec 2015 23:53:41 +0530 (IST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello,Qemu emulator built with the SCSI MegaRAID SAS HBA emulation support is vulnerable to a stack buffer overflow issue. It occurs while processing the SCSI controller's CTRL_GET_INFO command. A privileged guest user could use this flaw to crash the Qemu process instance resulting in DoS.
Upstream patch: - --------------- -> https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg03737.html Reference: - ---------- -> https://bugzilla.redhat.com/show_bug.cgi?id=1284008 This issue was discovered by Mr Qinghao Tang of Qihoo 360 Inc. Thank you. - -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWeEOtAAoJEN0TPTL+WwQfobUQALM8V93og7NcHj15LiRqXKOD UnisLDqo2VeX0MmEHaQ5sYmoJbvYEDebGAqnqfYSfw5LkmfUVfKgzGkIFdywpNva e80b/k3QLvuDJNiZMWGHzNe5fQUzW2faV07zGag1Bw8RsFvjv72Hq+T0Il9InJHE 9EvcP9LdO4U0Ztqj0ATr5HeejDg09lKIEjwdA9h1UZJp89BghS1+QlFLUstRUtx2 28h24bYL/NMjwpjd4UBU3Fdgn2S3NpC/AsmngVfuTaUtZ6XIORnMHLpvrTvbEjDD XV864kQbq7KEe1RF8htrBp13n0ugZ63ThHTE46ISiwuHXF9YIG49Eugig98IIrXw zdMgWlPnh5/fem+hzryx1CpMHu4GePbRdwrjC4ydciTHVoNO1ZqNjj57bsoj3Oiy rjHraGA6ZkU8hYnNUknXCCY5AN/sBUj/+rU05tE7qmZ0HTJkgNwcuCGX3w6CjhVu cfbmfOJH1v+dTqCnjTTtRG1fKCVy8webaiNegHqEl+wi21SU23BYmw2mHkOfbPvo lntNUopd/e+GR6uCSUKdqwofkCzVhc3iisRqwS88dPK1qh5wcZaGfi1+gJAemYaR qbSA7SJzUemjiJM3ShhnRsXAsSkqsromSEuVh2GuW5RSa2v+WFRS+A5upRXwAaqN QXM1s/NRQTFIEfxDQcqL =W+H1 -----END PGP SIGNATURE-----
Current thread:
- CVE request: Qemu: scsi: stack based buffer overflow in megasas_ctrl_get_info P J P (Dec 21)